Home

CVE-2017-17303

Description

Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE30 V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE60 V100R001C10; V100R001C10B001; V100R001C10B002; V100R001C10B010; V100R001C10B011; V100R001C10B012; V100R001C10B013; V100R001C10B014; V100R001C10B016; V100R001C10B017; V100R001C10B018; V100R001C10B019; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800B011; V100R001C10SPC900; V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V500R002C00SPCe00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300 use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could allow the attacker to get the information and cause the sensitive information disclosure.

Risk Information

Base Score
4.9
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.094

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2017-17168 ,CVE-2017-17169 ,CVE-2017-17170 ,CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00b018NCM
Vulnerabilities CVE-2017-17168 ,CVE-2017-17169 ,CVE-2017-17170 ,CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00b017NCM
Vulnerabilities CVE-2017-17168 ,CVE-2017-17169 ,CVE-2017-17170 ,CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00b014NCM
Vulnerabilities CVE-2017-17168 ,CVE-2017-17169 ,CVE-2017-17170 ,CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00b013NCM
Vulnerabilities CVE-2017-17168 ,CVE-2017-17169 ,CVE-2017-17170 ,CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00b012NCM
Vulnerabilities CVE-2017-17168 ,CVE-2017-17169 ,CVE-2017-17170 ,CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00b011NCM
Vulnerabilities CVE-2017-17168 ,CVE-2017-17169 ,CVE-2017-17170 ,CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00b010NCM
Multiple Vulnerabilities affected in dp300_firmware v500r002c00NCM
Vulnerabilities CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00spca00NCM
Vulnerabilities CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00spc900NCM
Vulnerabilities CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00spc800NCM
Vulnerabilities CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00spc600NCM
Vulnerabilities CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00spc500NCM
Vulnerabilities CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00spc400NCM
Vulnerabilities CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00spc300NCM
Vulnerabilities CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00spc200NCM
Vulnerabilities CVE-2017-17303 ,CVE-2017-17304 are affected in dp300_firmware v500r002c00spc100NCM
Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-17303)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234