CVE-2017-8190

Published: Nov 22, 2017Modified: May 13, 2026

6.7

Vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software.

Affected (1)

Products: Huawei: Fusionsphere Openstack

1 product

Fusionsphere Openstack

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Huawei Fusionsphere Openstack	Version v100r006c00spc102(nfv)

Related CWEs

Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (2)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en

Source: psirt@huawei.com

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.