CVE-2017-15352

Name of the Vulnerable Software and Affected Versions: Huawei OceanStor 2800 V3 versions V300R003C00 through V300R003C20 Huawei OceanStor 5300 V3 versions V300R003C00 through V300R003C20 Huawei OceanStor 5500 V3 versions V300R003C00 through V300R003C20 Huawei OceanStor 5600 V3 versions V300R003C00 through V300R003C20 Huawei OceanStor 5800 V3 versions V300R003C00 through V300R003C20

Description: The issue is related to improper access control, where access to a resource is not correctly restricted. This could allow an attacker with high privilege to exploit the vulnerability, potentially querying some information or sending specific messages that could cause service abnormalities.

Recommendations: For Huawei OceanStor 2800 V3 versions V300R003C00 through V300R003C20, update to a version that properly restricts access to the vulnerable resource. For Huawei OceanStor 5300 V3 versions V300R003C00 through V300R003C20, update to a version that properly restricts access to the vulnerable resource. For Huawei OceanStor 5500 V3 versions V300R003C00 through V300R003C20, update to a version that properly restricts access to the vulnerable resource. For Huawei OceanStor 5600 V3 versions V300R003C00 through V300R003C20, update to a version that properly restricts access to the vulnerable resource. For Huawei OceanStor 5800 V3 versions V300R003C00 through V300R003C20, update to a version that properly restricts access to the vulnerable resource. As a temporary workaround, consider restricting access to the vulnerable resource until a patch is available.