{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T10:43:11.149","vulnerabilities":[{"cve":{"id":"CVE-2017-2720","sourceIdentifier":"psirt@huawei.com","published":"2017-11-22T19:29:01.350","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increases the possibility that encrypted data may be recovered and results in information exposure."},{"lang":"es","value":"FusionSphere OpenStack V100R006C00 tiene una vulnerabilidad de divulgación de información. El software emplea claves criptográficas embebidas para cifrar mensajes entre ciertos componentes. Esto incrementa significativamente las posibilidades de que los datos cifrados se recuperen y se dé como resultado una divulgación de información."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:fusionsphere_openstack:v100r006c00:*:*:*:*:*:*:*","matchCriteriaId":"4CB1DB1F-5CAC-486C-AECF-59E9793F50AB"}]}]}],"references":[{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-fusionsphere-en","source":"psirt@huawei.com","tags":["Vendor Advisory"]},{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-fusionsphere-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}