Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Fusionsphere Openstack Firmware Security Vulnerabilities

cve
cve

CVE-2017-2718

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands.

8.8CVSS

9.2AI Score

0.001EPSS

2017-11-22 07:29 PM
27
cve
cve

CVE-2017-2719

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands.

8.8CVSS

9.2AI Score

0.001EPSS

2017-11-22 07:29 PM
24
cve
cve

CVE-2017-2720

FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increases the possibility that encrypted data may be recovered and results in information exposure.

5.3CVSS

5.1AI Score

0.001EPSS

2017-11-22 07:29 PM
159
cve
cve

CVE-2017-8168

FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing the internal network may obtain sensitive informa...

4.3CVSS

4.4AI Score

0.001EPSS

2017-11-22 07:29 PM
28
cve
cve

CVE-2017-8187

Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege escalation vulnerability. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation.

7.2CVSS

7AI Score

0.001EPSS

2018-03-20 03:29 PM
30
cve
cve

CVE-2017-8192

FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation.

7.8CVSS

7.5AI Score

0.0004EPSS

2017-11-22 07:29 PM
28
cve
cve

CVE-2018-7977

There is an information leakage vulnerability on several Huawei products. Due to insufficient communication protection for specific services, a remote, unauthorized attacker can exploit this vulnerability to connect to specific services to obtain additional information. Successful exploitation of t...

7.5CVSS

7.3AI Score

0.001EPSS

2018-11-27 10:29 PM
28
cve
cve

CVE-2020-9079

FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to conduct directed attacks against the affected product.

8.8CVSS

8.5AI Score

0.001EPSS

2020-08-11 02:15 AM
45
cve
cve

CVE-2020-9225

FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege.

7.8CVSS

7.5AI Score

0.0004EPSS

2020-06-18 02:15 PM
26