There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service.
[
{
"product": "CloudEngine 12800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 5800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R005C20SPC800"
},
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 7800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
}
]