First published: Wed Nov 22 2017(Updated: )
FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing the internal network may obtain sensitive information transmitted.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Fusionsphere Openstack Firmware | =v100r006c00spc102\(nfv\) | |
Huawei Fusionsphere Openstack Firmware | =v100r006c10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-8168 is an information leak vulnerability in FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10.
The severity of CVE-2017-8168 is medium with a severity value of 4.3.
CVE-2017-8168 affects Huawei FusionSphere OpenStack versions V100R006C00SPC102(NFV) and V100R006C10.
An attacker accessing the internal network may exploit CVE-2017-8168 to obtain sensitive information due to an incorrect configuration item.
Please refer to the official Huawei security advisory at http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-openstack-en for information on how to fix CVE-2017-8168.