cvelist/2017/8xxx/CVE-2017-8190.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "psirt@huawei.com",
      "DATE_PUBLIC" : "2017-11-15T00:00:00",
      "ID" : "CVE-2017-8190",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "FusionSphere OpenStack",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "V100R006C00SPC102(NFV)"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Huawei Technologies Co., Ltd."
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "improper verification of cryptographic signature"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en",
            "refsource" : "CONFIRM",
            "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
Publication request for Huawei 20171122 2017-11-22 13:24:24 -05:00			`"ASSIGNER" : "psirt@huawei.com",`
			`"DATE_PUBLIC" : "2017-11-15T00:00:00",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"ID" : "CVE-2017-8190",`
Publication request for Huawei 20171122 2017-11-22 13:24:24 -05:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "FusionSphere OpenStack",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "V100R006C00SPC102(NFV)"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "Huawei Technologies Co., Ltd."`
			`}`
			`]`
			`}`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
Publication request for Huawei 20171122 2017-11-22 13:24:24 -05:00			`"value" : "FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "improper verification of cryptographic signature"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en",`
			`"refsource" : "CONFIRM",`
Publication request for Huawei 20171122 2017-11-22 13:24:24 -05:00			`"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`}`