CVE-2017-8168

EUVD-2017-17130
FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing the internal network may obtain sensitive information transmitted.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Common Weakness Enumeration
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-openstack-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-openstack-en