Lucene search
+L

173 matches found

CNVD
CNVD
added 2020/08/06 12:0 a.m.4 views

Huawei FusionCompute Local Elevation of Privilege Vulnerability

Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. A local elevation of privilege vulnerability exists in Huawei FusionCompute version 8.0.0. The vulnerability stems from a failure...

7.8CVSS7.1AI score0.00219EPSS
Exploits0References1
Huawei
Huawei
added 2020/08/05 12:0 a.m.42 views

Security Advisory - Local Privilege Escalation Vulnerability in Huawei FusionCompute Product

There is a local privilege escalation vulnerability in Huawei FusionCompute product. A local, authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service. Vulnerabili...

7.8CVSS7.6AI score0.00219EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/08/05 12:0 a.m.52 views

Security Advisory - Information Leak Vulnerabilities in Huawei FusionCompute Product

There are two information disclosure vulnerability in Huawei FusionCompute product. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information. Vulnerability ID: HWPSIRT-2020-05013 and HWPSIRT-2020-05065 The two vulnerabilities ha...

7.5CVSS5.8AI score0.00777EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2020/07/31 12:0 a.m.3 views

Huawei FusionCompute License Issue Vulnerability

Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An authorization issue vulnerability exists in Huawei FusionCompute version 8.0.0, which stems from a module not properly...

6.7CVSS6.8AI score0.00227EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/06/05 12:0 a.m.18 views

Huawei Data Communication: RCE Vulnerability in Fastjson (huawei-sa-20191204-01-fastjson)

A remote code execution RCE vulnerability exists in the open- source JSON parsing library Fastjson. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...

8.2AI score
Exploits0References1
OSV
OSV
added 2017/11/22 7:29 p.m.7 views

CVE-2017-8158

FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine VM processes to exhaust system resources. Successful exploit...

6.5CVSS5.8AI score0.00199EPSS
Exploits0References1
NVD
NVD
added 2017/11/22 7:29 p.m.13 views

CVE-2017-8158

FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine VM processes to exhaust system resources. Successful exploit...

6.5CVSS6.3AI score0.00199EPSS
Exploits0References1
Prion
Prion
added 2017/11/22 7:29 p.m.21 views

Authorization

FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine VM processes to exhaust system resources. Successful exploit...

4.9CVSS6.3AI score0.00199EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/11/22 7:0 p.m.53 views

CVE-2017-8158

Huawei FusionCompute (V100R005C00 and V100R005C10) contains an improper authorization vulnerability due to misconfigured host-file permissions. An authenticated attacker could trigger a denial by spawning a large number of VM processes, exhausting system resources and making new VMs unavailable. ...

6.5CVSS6.3AI score0.00199EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.25 views

CVE-2017-8158

FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine VM processes to exhaust system resources. Successful exploit...

6.3AI score0.00199EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/28 12:0 a.m.7 views

Huawei FusionCompute Denial of Service Vulnerability

Huawei FusionCompute is an enterprise-grade, open server virtualization solution from Huawei, China, based on the Xen open source design. The solution provides automation, advanced integration and management capabilities for virtualized data centers. A denial of service vulnerability exists in...

6.5CVSS6.4AI score0.00199EPSS
Exploits0References1
OSV
OSV
added 2016/09/26 4:59 p.m.4 views

CVE-2016-6827

Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors...

6.5CVSS5.8AI score0.01016EPSS
Exploits0References2
NVD
NVD
added 2016/09/26 4:59 p.m.18 views

CVE-2016-6827

Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors...

6.5CVSS6AI score0.01016EPSS
Exploits0References2
Prion
Prion
added 2016/09/26 4:59 p.m.15 views

Design/Logic Flaw

Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors...

4CVSS6.1AI score0.01016EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/09/26 4:0 p.m.51 views

CVE-2016-6827

Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, enabling remote authenticated users to obtain sensitive information via unspecified vectors. Connected documents confirm the vulnerability originates from plaintext key storage and affects FusionCompute deployments...

6.5CVSS5.8AI score0.01016EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/09/26 4:0 p.m.27 views

CVE-2016-6827

Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors...

6AI score0.01016EPSS
Exploits0References3
CNVD
CNVD
added 2016/08/25 12:0 a.m.4 views

Huawei FusionCompute Information Disclosure Vulnerability

Huawei FusionCompute is an enterprise-grade, open server virtualization solution from Huawei, China, based on the Xen open source design. The solution provides automation, advanced integration and management capabilities for virtualized data centers. An information disclosure vulnerability exists...

6.5CVSS6AI score0.01016EPSS
Exploits0References1
Huawei
Huawei
added 2016/08/15 12:0 a.m.25 views

Security Advisory - Cleartext Storage of Crytographic Key Vulnerability in FusionCompute

FusionCompute has a key cleartext storage vulnerability. Successful exploit could allow an attacker to obtain AES keys. Vulnerability ID: HWPSIRT-2016-06076 This vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID: CVE-2016-6827. Huawei has released software updates to fix...

6.5CVSS6.5AI score0.01016EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2016/07/03 12:0 a.m.3 views

Huawei FusionCompute Denial of Service Vulnerability

Huawei FusionCompute is an enterprise-class open server virtualization solution based on the Xen open source design. A denial of service vulnerability exists in Huawei FusionCompute, which can be exploited by remote attackers to conduct denial of service attacks by sending a large number of packe...

6.8CVSS6.6AI score0.01011EPSS
Exploits0References1
NVD
NVD
added 2016/06/30 4:59 p.m.20 views

CVE-2016-4057

Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service resource consumption via a large number of crafted packets...

6.8CVSS6.1AI score0.01011EPSS
Exploits0References2
Rows per page
Query Builder