Lucene search
K

172 matches found

Cvelist
Cvelist
added 2017/11/22 7:0 p.m.14 views

CVE-2017-8197

FusionSphere V100R006C00SPC102NFV has a command injection vulnerability. An authenticated, remote attacker could craft packets with malicious strings and send them to a target device. Successful exploit could allow the attacker to launch a command injection attack and execute system commands...

7.3AI score0.02041EPSS
Exploits0References1
CVE
CVE
added 2017/11/22 7:0 p.m.48 views

CVE-2017-8190

CVE-2017-8190 is reported for FusionSphere OpenStack (V100R006C00SPC102 NFV) with an improper verification of cryptographic signatures. The underlying issue is that the software does not verify the cryptographic signature, enabling a high-privilege attacker to inject malicious software. The NVD e...

6.7CVSS6.4AI score0.0019EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/11/22 7:0 p.m.50 views

CVE-2017-8134

The CVE-2017-8134 entry concerns Huawei FusionSphere OpenStack (software versions V100R006C00 and V100R006C10) with four TCP listening ports vulnerable to command injection caused by insufficient input validation. The vulnerability allows an unauthenticated attacker to execute malicious commands ...

8.8CVSS9.2AI score0.01366EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.17 views

CVE-2017-2714

The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service DoS condition in the affected system...

8.2AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.19 views

CVE-2017-8192

FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation...

7.6AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2017/11/22 7:0 p.m.57 views

CVE-2017-2718

CVE-2017-2718 affects Huawei FusionSphere/OpenStack deployments (V100R006C00, V100R006C10RC2). The defect is two command injection vulnerabilities caused by insufficient input validation on a single port, enabling an attacker to obtain root privileges by sending specially crafted messages. Public...

8.8CVSS9.2AI score0.00907EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.22 views

CVE-2017-8196

FusionSphere V100R006C00SPC102NFV has an incorrect authorization vulnerability. An authenticated attacker could execute commands that he/she should have had no permission to perform, thereby querying, modifying, and deleting certain service data and making the service unavailable...

5.3AI score0.0026EPSS
Exploits0References1
CVE
CVE
added 2017/11/22 7:0 p.m.44 views

CVE-2017-8131

The CVE-2017-8131 entry applies to FusionSphere OpenStack (software versions V100R006C00/V100R006C10). It describes a command injection vulnerability caused by insufficient input validation on four TCP listening ports, allowing an unauthenticated attacker to execute commands and gain root privile...

8.8CVSS9.2AI score0.01366EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/11/22 7:0 p.m.49 views

CVE-2017-2719

CVE-2017-2719 concerns Huawei FusionSphere/OpenStack components (V100R006C00 and V100R006C10RC2). The issue is two command-injection vulnerabilities caused by insufficient input validation on a TCP/one port, allowing an attacker to execute malicious commands and potentially gain root privileges b...

8.8CVSS9.2AI score0.00923EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/11/22 7:0 p.m.47 views

CVE-2017-8198

FusionSphere V100R006C00SPC102(NFV) is affected by an SQL injection due to insufficient input validation in an interface message handler. An authenticated, remote attacker could craft messages carrying malicious SQL and send them to a target device, potentially executing arbitrary SQL commands wi...

7.2CVSS7.4AI score0.01052EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/11/22 7:0 p.m.51 views

CVE-2017-8189

CVE-2017-8189 is a path traversal vulnerability in Huawei FusionSphere OpenStack, affecting FusionSphere OpenStack V100R006C00SPC102 (NFV). Root cause: insufficient path validation. A high-privilege attacker could traverse paths and overwrite/cover files, leading to service disruption (as per Hua...

6CVSS5.8AI score0.0028EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.30 views

CVE-2017-8189

FusionSphere OpenStack V100R006C00SPC102NFVhas a path traversal vulnerability. Due to insufficient path validation, an attacker with high privilege may exploit this vulnerability to cover some files, causing services abnormal...

6.2AI score0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.19 views

CVE-2017-8135

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with...

9.4AI score0.01423EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.24 views

CVE-2017-8191

FusionSphere OpenStack V100R006C00SPC102NFVhas a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links...

6AI score0.00597EPSS
Exploits0References2
CVE
CVE
added 2017/11/22 7:0 p.m.43 views

CVE-2017-8197

The CVE-2017-8197 issue affects Huawei FusionSphere V100R006C00SPC102 (NFV). Affected component: command injection vulnerability in FusionSphere due to insufficient input validation, exploitable by an authenticated, remote attacker sending packets containing malicious strings to the device. Succe...

9CVSS7.3AI score0.02041EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.20 views

CVE-2017-8193

The FusionSphere OpenStack V100R006C00SPC102NFV has a command injection vulnerability. Due to the insufficient input validation on one port, an authenticated, local attacker may exploit the vulnerability to gain root privileges by sending message with malicious commands...

8.4AI score0.00865EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.27 views

CVE-2017-8195

The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...

8.9AI score0.01173EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.26 views

CVE-2017-8190

FusionSphere OpenStack V100R006C00SPC102NFVhas an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software...

6.5AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.23 views

CVE-2017-8134

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with...

9.4AI score0.01366EPSS
Exploits0References1
CVE
CVE
added 2017/11/22 7:0 p.m.49 views

CVE-2017-2714

CVE-2017-2714 affects GaussDB in Huawei FusionSphere OpenStack (V100R005C10SPC705 and earlier). The flaw is a buffer overflow caused by lack of input validation, enabling an authenticated LAN attacker to execute arbitrary code or cause a DoS. Connected sources corroborate the vulnerability in Gau...

8CVSS8.2AI score0.00515EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder