Fusionaccess Security Vulnerabilities and Issues — Fusionaccess CVE List

Lucene search

HuaweiFusionaccess

5 matches found

CVE•added 2017/04/02 8:59 p.m.•33 views

CVE-2016-8779

Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a specific input variable to obtain sensitive information from the database.

6.5CVSS6.3AI score0.00098EPSS

CVE•added 2020/06/15 3:15 p.m.•33 views

CVE-2020-1825

FusionAccess with versions earlier than 6.5.1.SPC002 have a Denial of Service (DoS) vulnerability. Due to insufficient verification on specific input, attackers can exploit this vulnerability by sending constructed messages to the affected device through another device on the same network. Successf...

6.5CVSS6.4AI score0.00174EPSS

CVE•added 2020/10/12 2:15 p.m.•33 views

CVE-2020-9090

FusionAccess version 6.5.1 has an improper authorization vulnerability. A command is authorized with incorrect privilege. Attackers with other privilege can execute the command to exploit this vulnerability. This may compromise normal service of the affected product.

7.8CVSS7.8AI score0.00027EPSS

CVE•added 2017/04/02 8:59 p.m.•32 views

CVE-2015-7844

Huawei FusionAccess with software V100R005C10,V100R005C20 could allow attackers to craft and send a malformed HDP protocol packet to cause the virtual cloud desktop to be displaying an error and not usable.

7.8CVSS7.4AI score0.00172EPSS

CVE•added 2016/09/07 7:28 p.m.•29 views

CVE-2016-6839

CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

6.1CVSS6.2AI score0.00152EPSS