Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-8198 | 1 Huawei | 1 Fusionsphere | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
FusionSphere V100R006C00SPC102(NFV) has an SQL injection vulnerability. An authenticated, remote attacker could craft interface messages carrying malicious SQL statements and send them to a target device. Successful exploit could allow the attacker to launch an SQL injection attack and execute SQL commands. | |||||
CVE-2017-8197 | 1 Huawei | 1 Fusionsphere | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
FusionSphere V100R006C00SPC102(NFV) has a command injection vulnerability. An authenticated, remote attacker could craft packets with malicious strings and send them to a target device. Successful exploit could allow the attacker to launch a command injection attack and execute system commands. | |||||
CVE-2017-8196 | 1 Huawei | 1 Fusionsphere | 2024-11-21 | 4.6 MEDIUM | 4.2 MEDIUM |
FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization vulnerability. An authenticated attacker could execute commands that he/she should have had no permission to perform, thereby querying, modifying, and deleting certain service data and making the service unavailable. |