3 matches found
Huawei GaussDB 200 OLAP 6.5.1 Multiple Vulnerabilities
Huawei GaussDB 200 is affected by multiple command injection and path traversal vulnerabilities. Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public...
CVE-2020-1790
The CVE-2020-1790 entry concerns Huawei GaussDB 200 OLAP (version 6.5.1). The root cause is command construction that incorporates external user input without sufficient validation, enabling possible command injection. Documented impact is execution of arbitrary commands on the affected system. E...
Security Advisory - Command Injection Vulnerability in GaussDB 200
There is a command injection vulnerability in GaussDB 200. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands. Vulnerability ID:...