Huawei

Fusionsphere Openstack

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-9225

  • EPSS 0.02%
  • Veröffentlicht 18.06.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:40:11

FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain ...

7.5

CVE-2018-7977

  • EPSS 0.15%
  • Veröffentlicht 27.11.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:13:01

There is an information leakage vulnerability on several Huawei products. Due to insufficient communication protection for specific services, a remote, unauthorized attacker can exploit this vulnerability to connect to specific services to obtain add...

7.8

CVE-2017-8192

  • EPSS 0.02%
  • Veröffentlicht 22.11.2017 19:29:04
  • Zuletzt bearbeitet 20.04.2025 01:37:25

FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privile...

4.3

CVE-2017-8168

  • EPSS 0.02%
  • Veröffentlicht 22.11.2017 19:29:03
  • Zuletzt bearbeitet 20.04.2025 01:37:25

FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing ...

8.8

CVE-2017-8131

  • EPSS 0.3%
  • Veröffentlicht 22.11.2017 19:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root ...

8.8

CVE-2017-8132

  • EPSS 0.3%
  • Veröffentlicht 22.11.2017 19:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root ...

8.8

CVE-2017-8134

  • EPSS 0.3%
  • Veröffentlicht 22.11.2017 19:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root ...

8.8

CVE-2017-8135

  • EPSS 0.53%
  • Veröffentlicht 22.11.2017 19:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root ...

8

CVE-2017-2714

  • EPSS 0.06%
  • Veröffentlicht 22.11.2017 19:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) conditi...

8.8

CVE-2017-2718

  • EPSS 0.45%
  • Veröffentlicht 22.11.2017 19:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some me...