Unrated severityNVD Advisory· Published Mar 9, 2018· Updated Aug 5, 2024

CVE-2017-17167

Description

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known techniques to break the algorithm. Successful exploit could result in the exposure of sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Huawei DP300, TP3206, and ViewPoint 9030 use a risky cryptographic algorithm in SSL, allowing remote unauthenticated attackers to expose sensitive information.

Vulnerability

Huawei DP300 V500R002C00, TP3206 V100R002C00, and ViewPoint 9030 V100R011C02 and V100R011C03 use a broken or risky cryptographic algorithm in SSL [1]. The software employs a weak cipher that can be broken using well-known techniques, compromising the security of encrypted communications.

Exploitation

A remote unauthenticated attacker can exploit this vulnerability by intercepting SSL/TLS traffic between the affected device and its peers [1]. Using standard cryptanalytic methods, the attacker can break the weak algorithm without requiring any prior authentication or user interaction.

Impact

Successful exploitation results in the exposure of sensitive information transmitted over SSL [1]. The attacker gains access to confidential data, leading to a breach of confidentiality. No other impacts such as code execution or privilege escalation are described.

Mitigation

Huawei has released software updates to fix this vulnerability [1]. The resolved versions are: DP300 V500R002C00SPCb00, TP3206 V100R002C00SPC800, and ViewPoint 9030 should be upgraded to V100R011C03SPC800. Users should apply these updates as soon as possible.

References

Security Advisory - Use of a Risky Cryptographic Algorithm Vulnerability on Several Products

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Huawei/ViewPoint 9030llm-fuzzy
Range: V100R011C02, V100R011C03
Huawei/TP3206llm-fuzzy
Range: V100R002C00
Huawei/DP300llm-fuzzy
Range: V500R002C00
Huawei Technologies Co., Ltd./DP300; TP3206; ViewPoint 9030v5
Range: DP300 V500R002C00

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-ssl-enmitrex_refsource_CONFIRM
www.securityfocus.com/bid/103513mitrevdb-entryx_refsource_BID

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000