CVE-2017-8191

FusionSphere OpenStack V100R006C00SPC102NFVhas a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links...

CVE-2017-2719

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands...

CVE-2017-8134

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with...

CVE-2017-8132

CVE-2017-8132 affects Huawei FusionSphere OpenStack (software versions V100R006C00 and V100R006C10). The vulnerability is a command injection due to insufficient input validation on four TCP listening ports, allowing an unauthenticated attacker to gain root privileges by sending malicious command...

CVE-2017-8131

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with...

CVE-2017-2718

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands...

CVE-2017-8190

FusionSphere OpenStack V100R006C00SPC102NFVhas an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software...

CVE-2017-8189

FusionSphere OpenStack V100R006C00SPC102NFVhas a path traversal vulnerability. Due to insufficient path validation, an attacker with high privilege may exploit this vulnerability to cover some files, causing services abnormal...

CVE-2017-8188

FusionSphere OpenStack V100R006C00SPC102NFVhas a command injection vulnerability. Due to lack of validation, an attacker with high privilege may inject malicious code into some module of the affected products, causing code execution...

CVE-2017-8190

CVE-2017-8190 is reported for FusionSphere OpenStack (V100R006C00SPC102 NFV) with an improper verification of cryptographic signatures. The underlying issue is that the software does not verify the cryptographic signature, enabling a high-privilege attacker to inject malicious software. The NVD e...

CVE-2017-8192

FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation...

CVE-2017-8195

The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...

Huawei FusionSphere Openstack Information Disclosure Vulnerability (CNVD-2017-33879)

Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. Huawei FusionSphere Openstack suffers from an...

Huawei FusionSphere OpenStack Path Checksum Vulnerability

Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. A path checking vulnerability exists in Huawei...

Huawei FusionSphere OpenStack Elevation of Privilege Vulnerability

Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. An elevation of privilege vulnerability exists in Huaw...

Huawei FusionSphere OpenStack Signature Validation Vulnerability

Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. A signature validation vulnerability exists in Huawei...

Huawei FusionSphere OpenStack Weak Algorithm Vulnerability

Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. A weak algorithm vulnerability exists in Huawei...

Huawei FusionSphere OpenStack Information Disclosure Vulnerability (CNVD-2017-34443)

Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. Huawei FusionSphere OpenStack suffers from an...

Security Advisory - Information Exposure Vulnerability on FusionSphere OpenStack

There is an information exposure vulnerability on FusionSphere OpenStack. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increases the possibility that encrypted data may be recovered and results in information exposure...

Huawei FusionSphere OpenStack Information Disclosure Vulnerability

Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. Huawei FusionSphere OpenStack suffers from an...