Huawei

Fusionsphere Openstack

12 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-9225

  • EPSS 0.02%
  • Published 18.06.2020 14:15:11
  • Last modified 21.11.2024 05:40:11

FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain ...

7.5

CVE-2018-7977

  • EPSS 0.15%
  • Published 27.11.2018 22:29:00
  • Last modified 21.11.2024 04:13:01

There is an information leakage vulnerability on several Huawei products. Due to insufficient communication protection for specific services, a remote, unauthorized attacker can exploit this vulnerability to connect to specific services to obtain add...

7.8

CVE-2017-8192

  • EPSS 0.02%
  • Published 22.11.2017 19:29:04
  • Last modified 20.04.2025 01:37:25

FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privile...

4.3

CVE-2017-8168

  • EPSS 0.02%
  • Published 22.11.2017 19:29:03
  • Last modified 20.04.2025 01:37:25

FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing ...

8.8

CVE-2017-8131

  • EPSS 0.3%
  • Published 22.11.2017 19:29:02
  • Last modified 20.04.2025 01:37:25

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root ...

8.8

CVE-2017-8132

  • EPSS 0.3%
  • Published 22.11.2017 19:29:02
  • Last modified 20.04.2025 01:37:25

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root ...

8.8

CVE-2017-8134

  • EPSS 0.3%
  • Published 22.11.2017 19:29:02
  • Last modified 20.04.2025 01:37:25

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root ...

8.8

CVE-2017-8135

  • EPSS 0.53%
  • Published 22.11.2017 19:29:02
  • Last modified 20.04.2025 01:37:25

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root ...

8

CVE-2017-2714

  • EPSS 0.06%
  • Published 22.11.2017 19:29:01
  • Last modified 20.04.2025 01:37:25

The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) conditi...

8.8

CVE-2017-2718

  • EPSS 0.45%
  • Published 22.11.2017 19:29:01
  • Last modified 20.04.2025 01:37:25

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some me...