Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbacher RSA padding oracle. Cause a Bleichenbacher oracle attack. Successful exploit this vulnerability can impact IPSec tunnel security.
Published 2018-08-21 13:29:00
Updated 2018-10-12 16:48:53
View at NVD,   CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2017-17305

0.18%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 54 %
Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-17305

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
4.3
MEDIUM AV:N/AC:M/Au:N/C:P/I:N/A:N
8.6
2.9
NIST
5.9
MEDIUM CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2.2
3.6
NIST

CWE ids for CVE-2017-17305

  • Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-17305

Products affected by CVE-2017-17305

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!