AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR160 with software V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR200 with software V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30,AR200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 with software V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR2200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30,AR510 with software V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30,NetEngine16EX with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,SMC2.0 with software V100R003C10, V100R005C00, V500R002C00, V600R006C00,SRG1300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG2300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG3300 with software V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an out-of-bounds read vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause out-of-bounds read and system crash.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:S/C:N/I:N/A:C
Vendors Products
Huawei
  • Srg1300 Firmware
  • Ar160 Firmware
  • Ar2200
  • Ar2200-s Firmware
  • Ar510 Firmware
  • Ar120-s
  • Srg1300
  • Ar2200 Firmware
  • Ar150
  • Srg2300
  • Ar200-s Firmware
  • Ar3200
  • Ar120-s Firmware
  • Ar1200 Firmware
  • Ar1200-s
  • Srg3300 Firmware
  • Ar200-s
  • Ar200
  • Ar150-s Firmware
  • Netengine16ex
  • Ar150-s
  • Ar1200-s Firmware
  • Ar510
  • Smc2.0 Firmware
  • Srg2300 Firmware
  • Ar1200
  • Smc2.0
  • Ar2200-s
  • Ar200 Firmware
  • Netengine16ex Firmware
  • Srg3300
  • Ar160
  • Ar150 Firmware
  • Ar3200 Firmware

Configuration 1 [-]

AND
OR cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar120-s_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
OR cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar1200_firmware:v200r007c01:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar1200_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
OR cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
OR cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar150_firmware:v200r007c01:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar150_firmware:v200r007c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar150_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
OR cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar150-s_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar150-s_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
OR cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar160_firmware:v200r006c12:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar160_firmware:v200r007c01:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar160_firmware:v200r007c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar160_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
OR cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar200_firmware:v200r007c01:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar200_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
OR cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar200-s_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar200-s_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
OR cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200_firmware:v200r006c13:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200_firmware:v200r006c16pwe:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200_firmware:v200r007c01:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200_firmware:v200r007c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
OR cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
OR cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r007c01:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r007c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r008c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r008c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
OR cpe:2.3:o:huawei:ar510_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar510_firmware:v200r006c12:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar510_firmware:v200r006c13:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar510_firmware:v200r006c15:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar510_firmware:v200r006c16:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar510_firmware:v200r006c17:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar510_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar510_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar510_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar510:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
OR cpe:2.3:o:huawei:netengine16ex_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
OR cpe:2.3:o:huawei:smc2.0_firmware:v100r003c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
OR cpe:2.3:o:huawei:srg1300_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg1300_firmware:v200r007c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg1300_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg1300_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
OR cpe:2.3:o:huawei:srg2300_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg2300_firmware:v200r007c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg2300_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg2300_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
OR cpe:2.3:o:huawei:srg3300_firmware:v200r006c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg3300_firmware:v200r008c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:srg3300_firmware:v200r008c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*
References
Link Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-h323-en Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2017-11-15T00:00:00

Updated: 2017-11-22T18:57:01

Reserved: 2017-04-25T00:00:00

Link: CVE-2017-8163

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2017-11-22T19:29:03.803

Modified: 2017-12-08T19:05:03.227

Link: CVE-2017-8163

JSON object: View

cve-icon Redhat Information

No data.

CWE