The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: huawei
Published: 2017-11-22T19:00:00Z
Updated: 2024-09-17T03:53:39.630Z
Reserved: 2017-04-25T00:00:00
Link: CVE-2017-8134
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-11-22T19:29:02.757
Modified: 2017-12-06T15:19:16.443
Link: CVE-2017-8134
Redhat
No data.