Fusioncompute
Sign in to watchby Huawei
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-8158 | Med | 0.42 | 6.5 | 0.00 | Nov 22, 2017 | FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine (VM) processes to exhaust system resources. Successful exploit could make new VMs unavailable. | |
| CVE-2016-6827 | Med | 0.42 | 6.5 | 0.00 | Sep 26, 2016 | Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors. |