172 matches found
Privilege escalation
FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause...
CVE-2020-9116
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege...
CVE-2020-9116
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege...
Command injection
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege...
CVE-2020-9114
CVE-2020-9114 affects Huawei FusionCompute: versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 contain a privilege escalation vulnerability caused by improper privilege management. An attacker with common privileges can access certain files and obtain administrator privileges, leading to full compromi...
CVE-2020-9114
FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause...
Huawei FusionCompute Command Injection Vulnerability (CNVD-2020-68551)
FusionCompute is Huawei's self-developed computing virtualization software. A command injection vulnerability exists in FusionCompute 6.5.1, 8.0.0. The vulnerability stems from insufficient authentication. An attacker can exploit the vulnerability to gain higher privileges via a specially crafted...
Huawei FusionCompute Elevation of Privilege Vulnerability
FusionCompute is Huawei's self-developed computing virtualization software. An elevation of privilege vulnerability exists in FusionCompute 6.3.0, 6.3.1, 6.5.0, 6.5.1, 8.0.0. The vulnerability stems from improper privilege management. An attacker with normal privileges could exploit the...
CVE-2020-9116
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege...
CVE-2020-9116
Huawei FusionCompute targets 6.5.1 and 8.0.0 and contains a command injection vulnerability. The issue arises from insufficient verification, allowing an authenticated, remote attacker to craft a request and potentially obtain higher privileges. Affected software is Huawei FusionCompute; remediat...
Huawei FusionCompute 命令注入漏洞
FusionCompute is Huawei's self-developed computing virtualization software. A command injection vulnerability exists in FusionCompute 6.5.1, 8.0.0. The vulnerability stems from insufficient authentication. An attacker can exploit the vulnerability to gain higher privileges via a specially crafted...
Huawei FusionCompute 权限许可和访问控制问题漏洞
FusionCompute is Huawei's self-developed computing virtualization software. An elevation of privilege vulnerability exists in FusionCompute 6.3.0, 6.3.1, 6.5.0, 6.5.1, 8.0.0. The vulnerability stems from improper privilege management. An attacker with normal privileges could exploit the...
Huawei FusionCompute Encryption Issue Vulnerability
Huawei FusionCompute is a software for virtualization support from Huawei, a Chinese company. The software is a virtualization engine that provides virtualization support for cloud hosts. A security vulnerability exists in FusionCompute version 8.0.0, which can be exploited by an attacker with...
Security Advisory - Command Injection Vulnerability in Huawei FusionCompute Product
There is a command injection vulnerability in Huawei FusionCompute product. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege. Vulnerability ID:...
Security Advisory - Privilege Escalation Vulnerability in FusionCompute Product
There is a privilege escalation vulnerability in FusionCompute product. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause privilege escalation...
CVE-2020-9128
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak...
CVE-2020-9128
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak...
Design/Logic Flaw
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak...
CVE-2020-9128
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak...
CVE-2020-9128
CVE-2020-9128 affects Huawei FusionCompute 8.0.0, where an insecure encryption algorithm leads to partial information disclosure. Exploitation is described for attackers with elevated permissions, enabling information leak rather than full compromise. The Red Hat, CNVD, NVD and other feeds corrob...