CVE-2017-8157
MEDIUMHuawei OceanStor 5800 V3 and 6900 V3 - Information Disclosure via TLS 1.0 Weak Encryption
Title source: llmDescription
OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-oceanstor-en
Scores
CVSS v3
5.9
EPSS
0.0009
EPSS Percentile
25.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-327
Status
published
Products (4)
huawei/oceanstor_5800_v3_firmware
v300r002c00
huawei/oceanstor_5800_v3_firmware
v300r002c10
huawei/oceanstor_6900_v3_firmware
v300r001c00
Huawei Technologies Co., Ltd./OceanStor 5800 V3, OceanStor 6900 V3
OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00
Published
Nov 22, 2017
Tracked Since
Feb 18, 2026