Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for SMC2.0 by Huawei Technologies Co., Ltd.

    CVE-2017-8213 (GCVE-0-2017-8213)

    Vulnerability from nvd – Published: 2017-11-22 19:00 – Updated: 2024-09-16 17:54
    VLAI
    Summary
    Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate. Due to the insufficient validation of received PKI certificates, remote attackers could exploit this vulnerability to crash the TLS module.
    Severity
    No CVSS data available.
    CWE
    • input validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. SMC2.0 Affected: V100R003C10,V100R005C00SPC100,V100R005C00SPC101B001T,V100R005C00SPC102,V100R005C00SPC103,V100R005C00SPC200,V100R005C00SPC201T,V500R002C00,V600R006C00,
    Create a notification for this product.
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:27:23.238Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170705-01-tls-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SMC2.0",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R003C10,V100R005C00SPC100,V100R005C00SPC101B001T,V100R005C00SPC102,V100R005C00SPC103,V100R005C00SPC200,V100R005C00SPC201T,V500R002C00,V600R006C00,"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate. Due to the insufficient validation of received PKI certificates, remote attackers could exploit this vulnerability to crash the TLS module."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "input validation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-27T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170705-01-tls-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2017-11-15T00:00:00",
              "ID": "CVE-2017-8213",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SMC2.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R003C10,V100R005C00SPC100,V100R005C00SPC101B001T,V100R005C00SPC102,V100R005C00SPC103,V100R005C00SPC200,V100R005C00SPC201T,V500R002C00,V600R006C00,"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate. Due to the insufficient validation of received PKI certificates, remote attackers could exploit this vulnerability to crash the TLS module."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "input validation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170705-01-tls-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170705-01-tls-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-8213",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:54:04.082Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8213 (GCVE-0-2017-8213)

    Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-09-16 17:54
    VLAI
    Summary
    Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate. Due to the insufficient validation of received PKI certificates, remote attackers could exploit this vulnerability to crash the TLS module.
    Severity
    No CVSS data available.
    CWE
    • input validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. SMC2.0 Affected: V100R003C10,V100R005C00SPC100,V100R005C00SPC101B001T,V100R005C00SPC102,V100R005C00SPC103,V100R005C00SPC200,V100R005C00SPC201T,V500R002C00,V600R006C00,
    Create a notification for this product.
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:27:23.238Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170705-01-tls-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SMC2.0",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R003C10,V100R005C00SPC100,V100R005C00SPC101B001T,V100R005C00SPC102,V100R005C00SPC103,V100R005C00SPC200,V100R005C00SPC201T,V500R002C00,V600R006C00,"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate. Due to the insufficient validation of received PKI certificates, remote attackers could exploit this vulnerability to crash the TLS module."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "input validation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-27T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170705-01-tls-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2017-11-15T00:00:00",
              "ID": "CVE-2017-8213",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SMC2.0",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R003C10,V100R005C00SPC100,V100R005C00SPC101B001T,V100R005C00SPC102,V100R005C00SPC103,V100R005C00SPC200,V100R005C00SPC201T,V500R002C00,V600R006C00,"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate. Due to the insufficient validation of received PKI certificates, remote attackers could exploit this vulnerability to crash the TLS module."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "input validation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170705-01-tls-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170705-01-tls-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-8213",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:54:04.082Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }