Lucene search
K
HuaweiFusionsphere Openstack

21 matches found

CVE
CVE
added 2017/11/22 7:0 p.m.184 views

CVE-2017-2720

The CVE-2017-2720 issue affects Huawei FusionSphere OpenStack V100R006C00, where an information-exposure vulnerability stems from a hard-coded cryptographic key used to encrypt inter-component messages. This design flaw can increase the risk of encrypted data being recovered. Huawei’s Security Ad...

5.3CVSS5.1AI score0.0071EPSS
CVE
CVE
added 2020/08/11 1:38 a.m.68 views

CVE-2020-9079

Huawei FusionSphere OpenStack 8.0.0 has a protection mechanism failure vulnerability (CVE-2020-9079) due to incorrect use of a protection mechanism. The NVD entry lists a high impact (CVSSv3.1 base score 8.8) with adjacent access, no privileges required, and high impacts to confidentiality, integ...

8.8CVSS8.5AI score0.00375EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.56 views

CVE-2017-2718

CVE-2017-2718 affects Huawei FusionSphere/OpenStack deployments (V100R006C00, V100R006C10RC2). The defect is two command injection vulnerabilities caused by insufficient input validation on a single port, enabling an attacker to obtain root privileges by sending specially crafted messages. Public...

8.8CVSS9.2AI score0.00907EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.56 views

CVE-2017-8193

The CVE-2017-8193 issue affects FusionSphere OpenStack (V100R006C00SPC102 NFV). The root cause is insufficient input validation on a single port, allowing an authenticated, local attacker to inject commands and gain root privileges. The vulnerability is confirmed by multiple sources (NVD entry an...

8CVSS8.1AI score0.00865EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.56 views

CVE-2017-8194

CVE-2017-8194 affects FusionSphere OpenStack V100R006C00SPC102 (NFV). An improper authentication on a single port lets an authenticated, remote attacker send a crafted REST message to perform additional operations. The CVE entry includes a high-level impact (partial to high confidentiality/integr...

8.8CVSS8.7AI score0.01209EPSS
CVE
CVE
added 2020/06/18 1:54 p.m.55 views

CVE-2020-9225

CVE-2020-9225 affects Huawei FusionSphere OpenStack 6.5.1, involving improper privilege management where privilege assignment is not performed correctly, enabling a user to perform operations beyond their privileges. The issue is tied to the FusionSphere/OpenStack component and is described acros...

7.8CVSS7.5AI score0.00197EPSS
CVE
CVE
added 2017/12/22 5:0 p.m.54 views

CVE-2017-15321

Huawei FusionSphere OpenStack (FSO) on V100R006C000SPC102 (NFV) is affected by an information disclosure vulnerability caused by the default use of a low-version transport protocol, allowing an attacker to intercept transmitted packets. The CVE entry CVE-2017-15321 is documented with an impact of...

4.3CVSS4.1AI score0.00606EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.54 views

CVE-2017-8188

CVE-2017-8188 affects Huawei FusionSphere/OpenStack (FusionSphere OpenStack V100R006C00SPC102(NFV)). The vulnerability is a command injection caused by insufficient input validation, enabling a high-privilege attacker to inject code and achieve code execution in affected modules. Exploitation det...

7.2CVSS7.3AI score0.01681EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.53 views

CVE-2017-8168

CVE-2017-8168 affects Huawei FusionSphere OpenStack (FusionSphere OpenStack) with software V100R006C00SPC102(NFV) and V100R006C10. The root cause is an incorrect configuration item that leaves information transmitted over a channel unencrypted, allowing an attacker with internal-network access to...

4.3CVSS4.4AI score0.00266EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.52 views

CVE-2017-8191

The CVE-2017-8191 entry affects FusionSphere OpenStack (FusionSphere OpenStack V100R006C00SPC102 NFV). Description confirms a weak/cryptographic algorithm vulnerability that can allow attackers to crack ciphertext and cause information leakage on transmission links (impact: confidentiality). The ...

5.9CVSS5.5AI score0.00597EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.51 views

CVE-2017-8189

CVE-2017-8189 is a path traversal vulnerability in Huawei FusionSphere OpenStack, affecting FusionSphere OpenStack V100R006C00SPC102 (NFV). Root cause: insufficient path validation. A high-privilege attacker could traverse paths and overwrite/cover files, leading to service disruption (as per Hua...

6CVSS5.8AI score0.0028EPSS
CVE
CVE
added 2018/11/27 10:0 p.m.51 views

CVE-2018-7977

CVE-2018-7977 affects Huawei FusionSphere/OpenStack components where information disclosure occurs due to insufficient protection of service-specific communications. The vulnerability enables a remote, unauthenticated attacker to connect to certain services and obtain additional information, lead...

7.5CVSS7.3AI score0.00976EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.50 views

CVE-2017-8132

CVE-2017-8132 affects Huawei FusionSphere OpenStack (software versions V100R006C00 and V100R006C10). The vulnerability is a command injection due to insufficient input validation on four TCP listening ports, allowing an unauthenticated attacker to gain root privileges by sending malicious command...

8.8CVSS9.2AI score0.01366EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.49 views

CVE-2017-2714

CVE-2017-2714 affects GaussDB in Huawei FusionSphere OpenStack (V100R005C10SPC705 and earlier). The flaw is a buffer overflow caused by lack of input validation, enabling an authenticated LAN attacker to execute arbitrary code or cause a DoS. Connected sources corroborate the vulnerability in Gau...

8CVSS8.2AI score0.00515EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.49 views

CVE-2017-2719

CVE-2017-2719 concerns Huawei FusionSphere/OpenStack components (V100R006C00 and V100R006C10RC2). The issue is two command-injection vulnerabilities caused by insufficient input validation on a TCP/one port, allowing an attacker to execute malicious commands and potentially gain root privileges b...

8.8CVSS9.2AI score0.00923EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.49 views

CVE-2017-8134

The CVE-2017-8134 entry concerns Huawei FusionSphere OpenStack (software versions V100R006C00 and V100R006C10) with four TCP listening ports vulnerable to command injection caused by insufficient input validation. The vulnerability allows an unauthenticated attacker to execute malicious commands ...

8.8CVSS9.2AI score0.01366EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.49 views

CVE-2017-8192

CVE-2017-8192 affects Huawei FusionSphere OpenStack V100R006C00, with an improper authorization vulnerability where a low-privilege attacker can obtain operation authority for a specific directory, enabling privilege escalation. Root cause: improper authorization configuration. Impact: local priv...

7.8CVSS7.5AI score0.00216EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.48 views

CVE-2017-8195

CVE-2017-8195 affects Huawei FusionSphere OpenStack V100R006C00SPC102 (NFV). An improper authentication issue on one port allows an authenticated remote attacker to perform additional operations by sending a crafted REST message, leading to elevated access (confidentiality/integrity/availability ...

8.8CVSS8.7AI score0.01173EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.47 views

CVE-2017-8190

CVE-2017-8190 is reported for FusionSphere OpenStack (V100R006C00SPC102 NFV) with an improper verification of cryptographic signatures. The underlying issue is that the software does not verify the cryptographic signature, enabling a high-privilege attacker to inject malicious software. The NVD e...

6.7CVSS6.4AI score0.0019EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.45 views

CVE-2017-8135

CVE-2017-8135 affects Huawei FusionSphere/OpenStack (V100R006C00/C10). The root cause is insufficient input validation on four TCP listening ports, enabling an unauthenticated attacker to inject commands and gain root privileges. The vulnerability is documented across multiple sources (NVD, CVE l...

8.8CVSS9.2AI score0.01423EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.44 views

CVE-2017-8131

The CVE-2017-8131 entry applies to FusionSphere OpenStack (software versions V100R006C00/V100R006C10). It describes a command injection vulnerability caused by insufficient input validation on four TCP listening ports, allowing an unauthenticated attacker to execute commands and gain root privile...

8.8CVSS9.2AI score0.01366EPSS