Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2017-8213

Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate. Due to the insufficient validation of received PKI certificates, remote attackers could exploit this vulnerability to crash the TLS module.

  • Published: Nov 22, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-8213
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.3
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
huawei / smc2.0_firmware 100r003c10 100r003c10.x
huawei / smc2.0_firmware 100r005c00spc100 100r005c00spc100.x
huawei / smc2.0_firmware 100r005c00spc101b001t 100r005c00spc101b001t.x
huawei / smc2.0_firmware 100r005c00spc102 100r005c00spc102.x
huawei / smc2.0_firmware 100r005c00spc103 100r005c00spc103.x
huawei / smc2.0_firmware 100r005c00spc200 100r005c00spc200.x
huawei / smc2.0_firmware 100r005c00spc201t 100r005c00spc201t.x
huawei / smc2.0_firmware 500r002c00 500r002c00.x
huawei / smc2.0_firmware 600r006c00 600r006c00.x