{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T18:00:11.981","vulnerabilities":[{"cve":{"id":"CVE-2017-8156","sourceIdentifier":"psirt@huawei.com","published":"2017-11-22T19:29:03.583","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attacker can access the serial port on the circuit board of the outdoor unit and log in to the CPE without authentication. Successful exploit could allow the attacker to take control over the outdoor unit."},{"lang":"es","value":"La unidad externa del producto CPE (Customer Premise Equipment) B2338-168 V100R001C00 tiene una vulnerabilidad de falta de autenticación en el puerto en serie. Un atacante podría acceder al puerto en serie de la placa base de la unidad externa e iniciar sesión en el CPE sin autenticación. Un exploit exitoso podría permitir que el atacante tome el control de la unidad externa."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:b2338-168_firmware:v100r001c00:*:*:*:*:*:*:*","matchCriteriaId":"FD789B64-6402-4D02-80F8-8B4AE3AD4D45"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:b2338-168:-:*:*:*:*:*:*:*","matchCriteriaId":"1C2FBFF5-2AE7-4F3C-9D1D-111C07F75717"}]}]}],"references":[{"url":"http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-01-cpe-en","source":"psirt@huawei.com","tags":["Vendor Advisory"]},{"url":"http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-01-cpe-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}