3 matches found
CVE-2017-8196
CVE-2017-8196 is described in Huawei’s Huawei-PSIRT advisory HWPSIRT-2017-06166 as an incorrect authorization vulnerability in Huawei FusionSphere, affecting FusionSphere V100R006C00SPC102 (NFV). An authenticated attacker could execute commands they should not have permission for, enabling queryi...
CVE-2017-8198
FusionSphere V100R006C00SPC102(NFV) is affected by an SQL injection due to insufficient input validation in an interface message handler. An authenticated, remote attacker could craft messages carrying malicious SQL and send them to a target device, potentially executing arbitrary SQL commands wi...
CVE-2017-8197
The CVE-2017-8197 issue affects Huawei FusionSphere V100R006C00SPC102 (NFV). Affected component: command injection vulnerability in FusionSphere due to insufficient input validation, exploitable by an authenticated, remote attacker sending packets containing malicious strings to the device. Succe...