First published: Wed Nov 22 2017(Updated: )
FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine (VM) processes to exhaust system resources. Successful exploit could make new VMs unavailable.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei FusionCompute | =v100r005c00 | |
Huawei FusionCompute | =v100r005c10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this FusionCompute vulnerability is CVE-2017-8158.
The severity level of CVE-2017-8158 is medium.
An attacker can exploit CVE-2017-8158 by creating a large number of virtual machine processes to exhaust system resources.
FusionCompute V100R005C00 and V100R005C10 are affected by CVE-2017-8158.
To fix CVE-2017-8158, users should apply the necessary patches or updates provided by Huawei.