First published: Wed Nov 22 2017(Updated: )
FusionSphere OpenStack V100R006C00SPC102(NFV)has a command injection vulnerability. Due to lack of validation, an attacker with high privilege may inject malicious code into some module of the affected products, causing code execution.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei FusionSphere OpenStack | =v100r006c00spc102\(nfv\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this command injection vulnerability is CVE-2017-8188.
The severity level of CVE-2017-8188 is high with a score of 7.2.
The affected software for CVE-2017-8188 is Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) with a version of v100r006c00spc102.
CVE-2017-8188 can allow an attacker with high privilege to inject malicious code into affected products, leading to code execution.
Please refer to the following reference link for more information on available fixes: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en