5.9

CVE-2017-8157

EPSS 0.09%
Published 22.11.2017 19:29:03
Last modified 20.04.2025 01:37:25
Source psirt@huawei.com
Teams watchlist Login
Open Login

OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Oceanstor 5800 V3 Firmware Versionv300r002c00

Huawei ≫ Oceanstor 5800 V3 Version-

Huawei ≫ Oceanstor 5800 V3 Firmware Versionv300r002c10

Huawei ≫ Oceanstor 5800 V3 Version-

Huawei ≫ Oceanstor 6900 V3 Firmware Versionv300r001c00

Huawei ≫ Oceanstor 6900 V3 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.09%	0.266

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-oceanstor-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-8157

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-8157

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-8157

EUVD