Vulnerability Description
Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Oceanstor 2800 Firmware | v300r003c00 |
| Huawei | Oceanstor 2800 | - |
| Huawei | Oceanstor 5300 Firmware | v300r003c00 |
| Huawei | Oceanstor 5300 | - |
| Huawei | Oceanstor 5500 Firmware | v300r003c00 |
| Huawei | Oceanstor 5500 | - |
| Huawei | Oceanstor 5600 Firmware | v300r003c00 |
| Huawei | Oceanstor 5600 | - |
| Huawei | Oceanstor 5800 Firmware | v300r003c00 |
| Huawei | Oceanstor 5800 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstVendor Advisory
FAQ
What is CVE-2017-15352?
CVE-2017-15352 is a vulnerability with a CVSS score of 3.1 (LOW). Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, ...
How severe is CVE-2017-15352?
CVE-2017-15352 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-15352?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Oceanstor 2800 Firmware, Huawei Oceanstor 2800, Huawei Oceanstor 5300 Firmware, Huawei Oceanstor 5300, Huawei Oceanstor 5500 Firmware.