Lucene search
K

32 matches found

Prion
Prion
added 2018/03/20 3:29 p.m.17 views

Privilege escalation

Huawei FusionSphere OpenStack V100R006C00SPC102NFV has a privilege escalation vulnerability. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation...

6.5CVSS7AI score0.00548EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/03/20 3:29 p.m.23 views

CVE-2017-8187

Huawei FusionSphere OpenStack V100R006C00SPC102NFV has a privilege escalation vulnerability. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation...

7.2CVSS7AI score0.00548EPSS
Exploits0References1
CVE
CVE
added 2018/03/20 3:0 p.m.55 views

CVE-2017-8187

CVE-2017-8187 affects Huawei FusionSphere OpenStack V100R006C00SPC102 (NFV). The root cause is improper privilege restrictions that could allow a high-privileged attacker to obtain other users’ certificates, enabling privilege escalation. The NVD reports a base CVSSv3 score of 7.2 (HIGH) with net...

7.2CVSS7AI score0.00548EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/20 3:0 p.m.22 views

CVE-2017-8187

Huawei FusionSphere OpenStack V100R006C00SPC102NFV has a privilege escalation vulnerability. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation...

7AI score0.00548EPSS
Exploits0References1
NVD
NVD
added 2017/11/22 7:29 p.m.20 views

CVE-2017-8191

FusionSphere OpenStack V100R006C00SPC102NFVhas a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links...

5.9CVSS6AI score0.00597EPSS
Exploits0References2
NVD
NVD
added 2017/11/22 7:29 p.m.18 views

CVE-2017-8193

The FusionSphere OpenStack V100R006C00SPC102NFV has a command injection vulnerability. Due to the insufficient input validation on one port, an authenticated, local attacker may exploit the vulnerability to gain root privileges by sending message with malicious commands...

8CVSS8.4AI score0.00865EPSS
Exploits0References1
NVD
NVD
added 2017/11/22 7:29 p.m.27 views

CVE-2017-8189

FusionSphere OpenStack V100R006C00SPC102NFVhas a path traversal vulnerability. Due to insufficient path validation, an attacker with high privilege may exploit this vulnerability to cover some files, causing services abnormal...

6CVSS6.2AI score0.0028EPSS
Exploits0References1
NVD
NVD
added 2017/11/22 7:29 p.m.15 views

CVE-2017-8188

FusionSphere OpenStack V100R006C00SPC102NFVhas a command injection vulnerability. Due to lack of validation, an attacker with high privilege may inject malicious code into some module of the affected products, causing code execution...

7.2CVSS7.3AI score0.01681EPSS
Exploits0References1
OSV
OSV
added 2017/11/22 7:29 p.m.5 views

CVE-2017-8191

FusionSphere OpenStack V100R006C00SPC102NFVhas a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links...

5.9CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2017/11/22 7:29 p.m.24 views

CVE-2017-8195

The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...

8.8CVSS8.9AI score0.01173EPSS
Exploits0References1
NVD
NVD
added 2017/11/22 7:29 p.m.22 views

CVE-2017-8194

The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...

8.8CVSS8.9AI score0.01209EPSS
Exploits0References2
NVD
NVD
added 2017/11/22 7:29 p.m.21 views

CVE-2017-8198

FusionSphere V100R006C00SPC102NFV has an SQL injection vulnerability. An authenticated, remote attacker could craft interface messages carrying malicious SQL statements and send them to a target device. Successful exploit could allow the attacker to launch an SQL injection attack and execute SQL...

7.2CVSS7.4AI score0.01052EPSS
Exploits0References1
Prion
Prion
added 2017/11/22 7:29 p.m.17 views

Command injection

The FusionSphere OpenStack V100R006C00SPC102NFV has a command injection vulnerability. Due to the insufficient input validation on one port, an authenticated, local attacker may exploit the vulnerability to gain root privileges by sending message with malicious commands...

7.7CVSS8.3AI score0.00865EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/11/22 7:29 p.m.23 views

Authentication flaw

The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...

6.5CVSS8.8AI score0.01209EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/11/22 7:29 p.m.13 views

Command injection

FusionSphere V100R006C00SPC102NFV has a command injection vulnerability. An authenticated, remote attacker could craft packets with malicious strings and send them to a target device. Successful exploit could allow the attacker to launch a command injection attack and execute system commands...

9CVSS7.3AI score0.02041EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/11/22 7:29 p.m.20 views

Authentication flaw

The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...

6.5CVSS8.8AI score0.01173EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/11/22 7:29 p.m.13 views

Command injection

FusionSphere OpenStack V100R006C00SPC102NFVhas a command injection vulnerability. Due to lack of validation, an attacker with high privilege may inject malicious code into some module of the affected products, causing code execution...

6.5CVSS7.3AI score0.01681EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/11/22 7:29 p.m.21 views

Design/Logic Flaw

FusionSphere OpenStack V100R006C00SPC102NFVhas a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links...

4.3CVSS6AI score0.00597EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/11/22 7:0 p.m.48 views

CVE-2017-8195

CVE-2017-8195 affects Huawei FusionSphere OpenStack V100R006C00SPC102 (NFV). An improper authentication issue on one port allows an authenticated remote attacker to perform additional operations by sending a crafted REST message, leading to elevated access (confidentiality/integrity/availability ...

8.8CVSS8.7AI score0.01173EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.14 views

CVE-2017-8197

FusionSphere V100R006C00SPC102NFV has a command injection vulnerability. An authenticated, remote attacker could craft packets with malicious strings and send them to a target device. Successful exploit could allow the attacker to launch a command injection attack and execute system commands...

7.3AI score0.02041EPSS
Exploits0References1
Rows per page
Query Builder