Information Leakage Vulnerability in Huawei Products
CVE-2018-7977

7.5HIGH

Key Information:

Vendor: McAfee
Status: Fusionsphere Openstack
Vendor: CVE Published:; 27 November 2018

What is CVE-2018-7977?

A vulnerability exists in several Huawei products due to insufficient protection during communication for certain services. This weakness can be exploited by a remote, unauthorized attacker, allowing them to interact with the vulnerable services and potentially access confidential information. The effective exploitation of this flaw may lead to unauthorized information disclosure, posing significant risks to users and associated enterprises.

Affected Version(s)

FusionSphere OpenStack V100R006C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 27, 2018
Vulnerability Reserved
Mar 9, 2018

McAfee

What is CVE-2018-7977?

Affected Version(s)

References

CVSS V3.1

Timeline