172 matches found
CVE-2017-15321
Huawei FusionSphere OpenStack (FSO) on V100R006C000SPC102 (NFV) is affected by an information disclosure vulnerability caused by the default use of a low-version transport protocol, allowing an attacker to intercept transmitted packets. The CVE entry CVE-2017-15321 is documented with an impact of...
CVE-2017-15321
Huawei FusionSphere OpenStack V100R006C000SPC102 NFV has an information leak vulnerability due to the use of a low version transmission protocol by default. An attacker could intercept packets transferred by a target device. Successful exploit could cause an information leak...
Huawei FusionSphere OpenStack GaussDB Buffer Overflow Vulnerability
Huawei FusionSphere OpenStack is a suite of cloud platform software for Huawei's FusionSphere cloud operating system in ICT scenarios.GaussDB is one of the databases. A buffer overflow vulnerability exists in GaussDB in Huawei FusionSphere OpenStack V100R005C10SPC705 and earlier versions. An...
CVE-2017-8197
FusionSphere V100R006C00SPC102NFV has a command injection vulnerability. An authenticated, remote attacker could craft packets with malicious strings and send them to a target device. Successful exploit could allow the attacker to launch a command injection attack and execute system commands...
CVE-2017-8193
The FusionSphere OpenStack V100R006C00SPC102NFV has a command injection vulnerability. Due to the insufficient input validation on one port, an authenticated, local attacker may exploit the vulnerability to gain root privileges by sending message with malicious commands...
CVE-2017-8192
FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation...
CVE-2017-8191
FusionSphere OpenStack V100R006C00SPC102NFVhas a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links...
CVE-2017-8188
FusionSphere OpenStack V100R006C00SPC102NFVhas a command injection vulnerability. Due to lack of validation, an attacker with high privilege may inject malicious code into some module of the affected products, causing code execution...
CVE-2017-8191
FusionSphere OpenStack V100R006C00SPC102NFVhas a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links...
CVE-2017-8198
FusionSphere V100R006C00SPC102NFV has an SQL injection vulnerability. An authenticated, remote attacker could craft interface messages carrying malicious SQL statements and send them to a target device. Successful exploit could allow the attacker to launch an SQL injection attack and execute SQL...
CVE-2017-8190
FusionSphere OpenStack V100R006C00SPC102NFVhas an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software...
CVE-2017-8195
The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...
CVE-2017-8192
FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation...
CVE-2017-8194
The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...
CVE-2017-8198
FusionSphere V100R006C00SPC102NFV has an SQL injection vulnerability. An authenticated, remote attacker could craft interface messages carrying malicious SQL statements and send them to a target device. Successful exploit could allow the attacker to launch an SQL injection attack and execute SQL...
CVE-2017-8196
FusionSphere V100R006C00SPC102NFV has an incorrect authorization vulnerability. An authenticated attacker could execute commands that he/she should have had no permission to perform, thereby querying, modifying, and deleting certain service data and making the service unavailable...
CVE-2017-8190
FusionSphere OpenStack V100R006C00SPC102NFVhas an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software...
CVE-2017-8196
FusionSphere V100R006C00SPC102NFV has an incorrect authorization vulnerability. An authenticated attacker could execute commands that he/she should have had no permission to perform, thereby querying, modifying, and deleting certain service data and making the service unavailable...
CVE-2017-8194
The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...
CVE-2017-8193
The FusionSphere OpenStack V100R006C00SPC102NFV has a command injection vulnerability. Due to the insufficient input validation on one port, an authenticated, local attacker may exploit the vulnerability to gain root privileges by sending message with malicious commands...