CVE-2017-8194
First published: Wed Nov 22 2017(Updated: )
The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei FusionSphere OpenStack | =v100r006c00spc102\(nfv\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this FusionSphere OpenStack vulnerability?
The vulnerability ID for this FusionSphere OpenStack vulnerability is CVE-2017-8194.
What is the severity level of CVE-2017-8194?
The severity level of CVE-2017-8194 is high with a CVSS score of 8.8.
How does the improper authentication vulnerability in FusionSphere OpenStack V100R006C00SPC102(NFV) work?
Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by sending a crafted REST message.
Which versions of Huawei FusionSphere OpenStack are affected by CVE-2017-8194?
The vulnerability affects Huawei FusionSphere OpenStack v100r006c00spc102(NFV).
How can I fix the improper authentication vulnerability in FusionSphere OpenStack?
To fix the vulnerability, apply the necessary security patches provided by Huawei.
- collector/nvd-index
- agent/type
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- vendor/huawei
- canonical/huawei fusionsphere openstack
- version/huawei fusionsphere openstack/v100r006c00spc102\(nfv\)