Описание
FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine (VM) processes to exhaust system resources. Successful exploit could make new VMs unavailable.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:huawei:fusioncompute:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:a:huawei:fusioncompute:v100r005c10:*:*:*:*:*:*:*
EPSS
Процентиль: 3%
0.00018
Низкий
6.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine (VM) processes to exhaust system resources. Successful exploit could make new VMs unavailable.
EPSS
Процентиль: 3%
0.00018
Низкий
6.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-732