Main Vulnerability Database SB2018112710

SB2018112710 - Information disclosure in Huawei FusionSphere OpenStack

Published: November 27, 2018 Updated: August 8, 2020

Security Bulletin ID SB2018112710

CSH Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Information disclosure (CVE-ID: CVE-2018-7977)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

There is an information leakage vulnerability on several Huawei products. Due to insufficient communication protection for specific services, a remote, unauthorized attacker can exploit this vulnerability to connect to specific services to obtain additional information. Successful exploitation of this vulnerability can lead to information leakage.

Remediation

Install update from vendor's website.

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-fusionsphere-en