{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T00:40:58.792","vulnerabilities":[{"cve":{"id":"CVE-2017-17305","sourceIdentifier":"psirt@huawei.com","published":"2018-08-21T13:29:00.263","lastModified":"2024-11-21T03:17:48.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbacher RSA padding oracle. Cause a Bleichenbacher oracle attack. Successful exploit this vulnerability can impact IPSec tunnel security."},{"lang":"es","value":"Algunos productos Firewall de Huawei, en sus modelos USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR y V300R001C00 tienen una vulnerabilidad de oráculo de Bleichenbacher en las implementaciones IPSEC IKEv1. Los atacantes remotos puedes descifrar los datos del texto cifrado mediante un túnel IPSEC utilizando un oráculo de Bleichenbacher en el relleno (padding) de RSA. Esto puede provocar un ataque de oráculo de Bleichenbacher. Su explotación con éxito puede afectar a la seguridad del túnel IPSec."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-310"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:usg2205bsr_firmware:v300r001c10spc600:*:*:*:*:*:*:*","matchCriteriaId":"B6C9DEE4-F23B-4F54-9868-EDF5AC95D333"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:usg2205bsr:-:*:*:*:*:*:*:*","matchCriteriaId":"D9D90A5F-E41D-4CFD-86D2-FB208031CBAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:usg2220bsr_firmware:v300r001c00:*:*:*:*:*:*:*","matchCriteriaId":"4B8F1406-67A4-4A46-8248-1712E85FE1D9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:usg2220bsr:-:*:*:*:*:*:*:*","matchCriteriaId":"3E4257B6-A1C0-4585-93EF-63081534C5E5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:usg5120bsr_firmware:v300r001c00:*:*:*:*:*:*:*","matchCriteriaId":"54B9E222-40C0-408C-A669-8CF99836FE62"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:usg5120bsr:-:*:*:*:*:*:*:*","matchCriteriaId":"9C515743-EA4D-41A6-B295-90EBA5553AD6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:usg5150bsr_firmware:v300r001c00:*:*:*:*:*:*:*","matchCriteriaId":"56E5A858-16C9-4085-BE5A-78A680D2F4D5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:usg5150bsr:-:*:*:*:*:*:*:*","matchCriteriaId":"3F058EF4-A6D4-4931-B571-332E0C1B052D"}]}]}],"references":[{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180813-01-Bleichenbacher-en","source":"psirt@huawei.com","tags":["Vendor Advisory"]},{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180813-01-Bleichenbacher-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}