CVE-2017-2714

CWE-119 — Buffer Overflow3 documents3 sources

Severity

8.0HIGH

EPSS

0.1%

top 82.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Fusionsphere Openstack Huawei Technologies Co., Ltd. Fusionsphere Openstack

Timeline

PublishedNov 22

Latest updateMay 17

Description

The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) condition in the affected system.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages2 packages

▶NVDhuawei/fusionsphere_openstackv100r005c10spc705

▶CVEListV5huawei_technologies_co.,_ltd./fusionsphere_openstackV100R005C10SPC705 and earlier versions

🔴Vulnerability Details

GHSA

GHSA-734h-9hhw-9mwm: The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability↗2022-05-17

▶

CVEList

CVE-2017-2714: The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability↗2017-11-22

▶