exploitDog

CVE-2017-8190

Опубликовано: 22 нояб. 2017

Источник: nvd

CVSS3: 6.7

CVSS2: 4.6

EPSS Низкий

Описание

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software.

Ссылки

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:huawei:fusionsphere_openstack:v100r006c00spc102\(nfv\):*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00012

Низкий

6.7 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-347

Связанные уязвимости

GHSA-wgjg-8jrw-h95f

CVSS3: 6.7

github

больше 3 лет назад

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software.

EPSS

Процентиль: 2%

0.00012

Низкий

6.7 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-347