- Description
- Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compromise of system functions when loading a patch.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.0
- Type
- Primary
- Base score
- 9.1
- Impact score
- 5.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:P
- nvd@nist.gov
- CWE-200
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:oceanstor_uds:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AC160639-5146-4E47-B2A5-E8B466C8ABD2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:oceanstor_uds_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F34E772-46BC-49A7-B87F-A2DCF6AA6F41",
"versionEndExcluding": "100r002c01spc102"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]