CVE-2017-15352
Description
Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal.
Risk Information
Base Score
3.1
MODERATE
Vector
CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L
EPSS Score
Exploitation Probability
0.034
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-15352 are affected in oceanstor_2800_firmware v300r003c20 | NCM |
| Vulnerabilities CVE-2017-15352 are affected in oceanstor_2800_firmware v300r003c00 | NCM |
| Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2017-15352) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234