CVE-2017-8192

EUVD-2017-17154
FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Common Weakness Enumeration
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-fustionsphere-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-fustionsphere-en