exploitDog

CVE-2017-8192

Опубликовано: 22 нояб. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation.

Ссылки

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-fustionsphere-en
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-fustionsphere-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:huawei:fusionsphere_openstack:v100r006c00:*:*:*:*:*:*:*

EPSS

Процентиль: 6%

0.00023

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-863

Связанные уязвимости

GHSA-hjqc-wrmr-hq47

CVSS3: 7.8

github

больше 3 лет назад

FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation.

EPSS

Процентиль: 6%

0.00023

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-863