CVE-2017-8162

Name of the Vulnerable Software and Affected Versions AR120-S versions V200R006C10 through V200R008C30 AR1200 versions V200R006C10 through V200R008C30 AR1200-S versions V200R006C10 through V200R008C30 AR150 versions V200R006C10 through V200R008C30 AR150-S versions V200R006C10 through V200R008C30 AR160 versions V200R006C10 through V200R008C30 AR200 versions V200R006C10 through V200R008C30 AR200-S versions V200R006C10 through V200R008C30 AR2200 versions V200R006C10 through V200R008C30 AR2200-S versions V200R006C10 through V200R008C30 AR3200 versions V200R006C10 through V200R008C30 AR510 versions V200R006C10 through V200R008C30 NetEngine16EX versions V200R006C10 through V200R008C30 SMC2.0 versions V100R003C10 through V600R006C00 SRG1300 versions V200R006C10 through V200R008C30 SRG2300 versions V200R006C10 through V200R008C30 SRG3300 versions V200R006C10 through V200R008C30

Description The issue is caused by incorrect malformed message processing logic. An authenticated, remote attacker could send a specially crafted message to the target device, potentially causing a stack overflow and making a service unavailable.

Recommendations AR120-S versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR1200 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR1200-S versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR150 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR150-S versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR160 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR200 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR200-S versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR2200 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR2200-S versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR3200 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. AR510 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. NetEngine16EX versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. SMC2.0 versions V100R003C10 through V600R006C00: Update to a fixed version to resolve the issue. SRG1300 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. SRG2300 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. SRG3300 versions V200R006C10 through V200R008C30: Update to a fixed version to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.