CVE-2017-8192
HIGHFusionSphere OpenStack V100R006C00 - Incorrect Authorization
Title source: llmDescription
FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-fustionsphere-en
Scores
CVSS v3
7.8
EPSS
0.0002
EPSS Percentile
6.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-863
Status
published
Products (2)
huawei/fusionsphere_openstack
v100r006c00
Huawei Technologies Co., Ltd./FusionSphere OpenStack
V100R006C00
Published
Nov 22, 2017
Tracked Since
Feb 18, 2026