CVE-2017-8190Improper Verification of Cryptographic Signature in Technologies CO LTD Fusionsphere Openstack

CWE-347Improper Verification of Cryptographic Signature3 documents3 sources
Severity
6.7MEDIUMNVD
EPSS
0.0%
top 98.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Technologies CO LTD Fusionsphere OpenstackHuawei Fusionsphere Openstack
Timeline
PublishedNov 22
Latest updateMay 17

Description

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/fusionsphere_openstackv100r006c00spc102\(nfv\)
CVEListV5huawei_technologies_co_ltd/fusionsphere_openstackV100R006C00SPC102(NFV)

🔴Vulnerability Details

2
GHSA
GHSA-wgjg-8jrw-h95f: FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability2022-05-17
CVEList
CVE-2017-8190: FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability2017-11-22
CVE-2017-8190 — MEDIUM severity | cvebase