CVE-2017-17223

Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability. An authenticated, remote attacker can craft specific URL to the affected products. Due to insufficient verification of the URL, successful exploit will upload and download files and cause information leak and system crash.

CVSS v3 8.8 HIGH
CVSS v2.0 8.0 HIGH

8.8^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

8.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:C

Exploitability : 8.0 / Impact : 8.5

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact COMPLETE

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20180131-02-espace-en	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:huawei:espace_7910_firmware:v200r003c30:*:*:*:*:*:*:*

cpe:2.3:h:huawei:espace_7910:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:huawei:espace_7950_firmware:v200r003c30:*:*:*:*:*:*:*

cpe:2.3:h:huawei:espace_7950:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:huawei:espace_8950_firmware:v200r003c00:::::::*
	cpe:2.3:o:huawei:espace_8950_firmware:v200r003c30:::::::*

cpe:2.3:h:huawei:espace_8950:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-09 17:29

Updated : 2023-12-10 12:30

NVD link : CVE-2017-17223

Mitre link : CVE-2017-17223

CVE.ORG link : CVE-2017-17223

JSON object : View

Products Affected

huawei

espace_8950_firmware
espace_7910
espace_7950_firmware
espace_7950
espace_7910_firmware
espace_8950

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2017-17223", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 8.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:C", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 8.5, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2018-03-09T17:29:01.347", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20180131-02-espace-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability. An authenticated, remote attacker can craft specific URL to the affected products. Due to insufficient verification of the URL, successful exploit will upload and download files and cause information leak and system crash."}, {"lang": "es", "value": "Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30 y eSpace 8950 V200R003C00 y V200R003C30 tienen una vulnerabilidad de salto de directorio. Un atacante remoto autenticado podr\u00eda manipular un archivo URL espec\u00edficas en los productos afectados. Dada la validaci\u00f3n insuficiente de la URL, un exploit con \u00e9xito cargar\u00e1 y descargar\u00e1 archivos y provocar\u00e1 un filtrado de informaci\u00f3n y el cierre inesperado del sistema."}], "lastModified": "2018-03-26T17:26:08.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:espace_7910_firmware:v200r003c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BD48657-22D4-4CAD-88DB-F60A2964CABF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:espace_7910:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC59BBCD-9CBC-4D16-AB67-5C28FE9CFAF2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:espace_7950_firmware:v200r003c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4523A712-FF77-4BDA-B213-0AE2BDC4152C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:espace_7950:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "185783AE-3135-471E-8D55-4BAB3A187F21"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:espace_8950_firmware:v200r003c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72548F60-D6B8-4498-8668-9074A706C3A7"}, {"criteria": "cpe:2.3:o:huawei:espace_8950_firmware:v200r003c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E0B1E39-ACEB-44FB-BDDE-F3856CF6137A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:espace_8950:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D8BFC4FD-DC7A-47E9-BC06-86F11E2211AE"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}