CVE-2017-8162

Description

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR160 with software V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR200 with software V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30,AR200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 with software V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR2200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30,AR510 with software V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30,NetEngine16EX with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,SMC2.0 with software V100R003C10, V100R005C00, V500R002C00, V600R006C00,SRG1300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG2300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG3300 with software V200R006C10, V200R007C00, V200R008C20, V200R008C30 have a DoS vulnerability. Due to incorrect malformed message processing logic, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause stack overflow and make a service unavailable.

Risk Information

Base Score

6.5

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.314

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities affected in ar120-s_firmware v200r007c00	NCM
Multiple Vulnerabilities affected in ar120-s_firmware v200r006c10	NCM
Multiple Vulnerabilities affected in ar120-s_firmware v200r008c20	NCM
Vulnerabilities CVE-2017-8162 ,CVE-2017-8163 ,CVE-2019-19415 ,CVE-2019-19416 ,CVE-2019-19417 are affected in ar120-s_firmware v200r008c30	NCM
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8162)	NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234