CVE-2017-8190
MEDIUMFusionSphere OpenStack V100R006C00SPC102(NFV) - Improper Verification of Cryptographic Signature
Title source: llmDescription
FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en
Scores
CVSS v3
6.7
EPSS
0.0001
EPSS Percentile
1.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-347
Status
published
Products (2)
huawei/fusionsphere_openstack
v100r006c00spc102\(nfv\)
Huawei Technologies Co., Ltd./FusionSphere OpenStack
V100R006C00SPC102(NFV)
Published
Nov 22, 2017
Tracked Since
Feb 18, 2026