How severe is CVE-2017-17160?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2017-17160?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2017-17160

MEDIUM Year: 2017

CVSS v3 Score

5.9

Medium

CVSS v2 Score

7.1

High

Weakness Type

CWE-787

View all →

Vulnerability Description

Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, NetEngine16EX V200R006C10, V200R007C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, SRG2300 V200R006C10, V200R007C00, V200R007C02, SRG3300 V200R006C10, V200R007C00 have a buffer overflow vulnerability due to incomplete range checks of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bound and restart.

CVE-2016-4429

MEDIUM

CVSS:5.9(Medium)

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecifi...

CWE-7872016

CVE-2016-7178

MEDIUM

CVSS:5.9(Medium)

epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a d...

CWE-7872016

CVE-2017-17217

MEDIUM

CVSS:5.9(Medium)

Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V6...

CWE-7872017

CVE-2018-16880

MEDIUM

CVSS:5.9(Medium)

A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a...

CWE-7872018

CVE-2018-17156

MEDIUM

CVSS:5.9(Medium)

In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when u...

CWE-7872018

CVE-2018-5791

MEDIUM

CVSS:5.9(Medium)

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media I...

CWE-7872018

CVE-2017-17160

Vulnerability Description

Related Vulnerabilities

CVE-2016-4429

CVE-2016-7178

CVE-2017-17217

CVE-2018-16880

CVE-2018-17156

CVE-2018-5791