Overview
- Description
- Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compromise of system functions when loading a patch.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.1
- Impact score
- 5.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-200
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:oceanstor_uds:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AC160639-5146-4E47-B2A5-E8B466C8ABD2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:oceanstor_uds_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F34E772-46BC-49A7-B87F-A2DCF6AA6F41",
"versionEndExcluding": "100r002c01spc102"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]