CVE-2017-8190

medium

Published 2017-11-22 · Modified 2026-05-13

CVSS v3

6.7

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2

4.6

VIR risk

6.7

Description

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software.

Predictions

Exploit likelihood

66%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@huawei.com — http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en

CWEs

CWE-347

Verify integrity in audit chain (admin only). AS-IS.