CVE-2017-8187Improper Privilege Management in Technologies CO LTD Fusionsphere Openstack

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 76.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Technologies CO LTD Fusionsphere OpenstackHuawei Fusionsphere Openstack Firmware
Timeline
PublishedMar 20
Latest updateMay 13

Description

Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege escalation vulnerability. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/fusionsphere_openstack_firmwarev100r006c00spc102\(nfv\)
CVEListV5huawei_technologies_co_ltd/fusionsphere_openstackV100R006C00SPC102(NFV)

🔴Vulnerability Details

2
GHSA
GHSA-98fr-rpfg-wcvp: Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege escalation vulnerability2022-05-13
CVEList
CVE-2017-8187: Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege escalation vulnerability2018-03-20
CVE-2017-8187 — Improper Privilege Management | cvebase