PT-2017-18174 · Huawei · Fusionsphere Openstack
Publicado
2017-11-22
·
Atualizado
2019-10-03
·
CVE-2017-8168
CVSS v3.1
4.3
Média
| Vetor | AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
FusionSphere OpenStack versions V100R006C00SPC102(NFV) and V100R006C10
Description
The issue is related to an information leak due to an incorrect configuration item. This results in unencrypted information being transmitted by a transmission channel. An attacker with access to the internal network may be able to obtain sensitive information.
Recommendations
For FusionSphere OpenStack version V100R006C00SPC102(NFV), ensure that all configuration items are correctly set to encrypt transmitted information.
For FusionSphere OpenStack version V100R006C10, verify and adjust the configuration to enable encryption for all transmitted data.
Correção
Missing Encryption of Sensitive Data
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Fusionsphere Openstack