Hard-coded Cryptographic Key Vulnerability in FusionSphere OpenStack V100R006C00

Hard-coded Cryptographic Key Vulnerability in FusionSphere OpenStack V100R006C00

CVE-2017-2720 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increases the possibility that encrypted data may be recovered and results in information exposure.

Learn more about our Web Application Penetration Testing UK.