CVE-2017-8174
HIGHHuawei Secospace USG6300 and USG6600 - Inadequate Encryption Strength
Title source: llmDescription
Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the transmission links.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-usg-en
Scores
CVSS v3
7.5
EPSS
0.0007
EPSS Percentile
20.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-326
Status
published
Products (6)
huawei/secospace_usg6300_firmware
v100r001c30spc300
huawei/secospace_usg6600_firmware
v100r001c30spc500
huawei/secospace_usg6600_firmware
v100r001c30spc600
huawei/secospace_usg6600_firmware
v100r001c30spc700
huawei/secospace_usg6600_firmware
v100r001c30spc800
Huawei Technologies Co., Ltd./Secospace USG6300,Secospace USG6600
V100R001C30SPC300,V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800
Published
Nov 22, 2017
Tracked Since
Feb 18, 2026