{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T00:43:42.430","vulnerabilities":[{"cve":{"id":"CVE-2017-8158","sourceIdentifier":"psirt@huawei.com","published":"2017-11-22T19:29:03.647","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine (VM) processes to exhaust system resources. Successful exploit could make new VMs unavailable."},{"lang":"es","value":"FusionCompute V100R005C00 y V100R005C10 tiene una vulnerabilidad de autorización incorrecta debido a una configuración de permisos incorrecta para un archivo determinado en la máquina host. Un atacante autenticado podría crear un gran número de procesos de máquina virtual para agotar los recursos del sistema. Un exploit exitoso podría hacer que las nuevas máquinas virtuales no estén disponibles."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:C","baseScore":4.9,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:fusioncompute:v100r005c00:*:*:*:*:*:*:*","matchCriteriaId":"8F40C57C-331D-4ED6-98A2-47AB5272EB4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:fusioncompute:v100r005c10:*:*:*:*:*:*:*","matchCriteriaId":"87FBF1BD-8FB0-4C5B-A05E-1FD26F4C4466"}]}]}],"references":[{"url":"http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170927-01-dos-en","source":"psirt@huawei.com","tags":["Vendor Advisory"]},{"url":"http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170927-01-dos-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}