CVE-2017-15352 Information

Feb 14, 2021 cve

Description

Huawei OceanStor 2800 V3 V300R003C00 V300R003C20 OceanStor 5300 V3 V300R003C00 V300R003C10 V300R003C20 OceanStor 5500 V3 V300R003C00 V300R003C10 V300R003C20 OceanStor 5600 V3 V300R003C00 V300R003C10 V300R003C20 OceanStor 5800 V3 V300R003C00 V300R003C10 V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal.

CVSS Vector

CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

LOW

Base Severity

3.1

Share on: