CVE-2017-15352

LOW Year: 2017
CVSS v3 Score
3.1
Low
CVSS v2 Score
2.9
Low
Weakness Type
CWE-732
View all →

Vulnerability Description

Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal.

Related Vulnerabilities

CVE-2012-6655

LOW
CVSS:3.3(Low)

An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.

CWE-7322012

CVE-2016-4983

LOW
CVSS:3.3(Low)

A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.

CWE-7322016

CVE-2017-1699

LOW
CVSS:3.3(Low)

IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files ...

CWE-7322017

CVE-2017-1716

LOW
CVSS:3.3(Low)

IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a local attacker due to improper permission settings. IBM X-Force ID: 134638.

CWE-7322017

CVE-2018-12209

LOW
CVSS:3.3(Low)

Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.506...

CWE-7322018

CVE-2018-20936

LOW
CVSS:3.3(Low)

cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).

CWE-7322018