Lucene search
K
HuaweiFusioncompute

21 matches found

CVE
CVE
added 2020/11/30 11:53 p.m.80 views

CVE-2020-9116

Huawei FusionCompute targets 6.5.1 and 8.0.0 and contains a command injection vulnerability. The issue arises from insufficient verification, allowing an authenticated, remote attacker to craft a request and potentially obtain higher privileges. Affected software is Huawei FusionCompute; remediat...

7.2CVSS7.1AI score0.01023EPSS
CVE
CVE
added 2020/12/01 12:4 a.m.77 views

CVE-2020-9114

CVE-2020-9114 affects Huawei FusionCompute: versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 contain a privilege escalation vulnerability caused by improper privilege management. An attacker with common privileges can access certain files and obtain administrator privileges, leading to full compromi...

7.8CVSS7.7AI score0.00216EPSS
CVE
CVE
added 2024/12/27 9:52 a.m.74 views

CVE-2020-9236

Huawei FusionCompute is affected by CVE-2020-9236 (improper interface design). The vulnerability stems from a design flaw in the module interface that can allow attackers to perform malicious operations and compromise the module service. Affected product/version: Huawei FusionCompute, with versio...

8.8CVSS8.5AI score0.0041EPSS
CVE
CVE
added 2016/06/30 4:0 p.m.71 views

CVE-2016-4057

Huawei FusionCompute is affected by CVE-2016-4057: a DoS vulnerability in FusionCompute prior to V100R005C10SPC700 allows remote authenticated users to exhaust resources by sending a high volume of crafted packets, causing service disruption. The issue originates from a vulnerability in handling ...

6.8CVSS6.1AI score0.01011EPSS
CVE
CVE
added 2020/08/10 7:14 p.m.71 views

CVE-2020-9078

Huawei FusionCompute 8.0.0 contains a local privilege escalation vulnerability (CVE-2020-9078). An authenticated local attacker can perform specific operations to gain higher privileges and potentially compromise the service. The issue is documented across multiple sources, including Huawei’s sec...

7.8CVSS7.5AI score0.00219EPSS
CVE
CVE
added 2021/11/23 2:59 p.m.66 views

CVE-2021-37036

CVE-2021-37036 describes an information disclosure in Huawei FusionCompute 6.5.1 and related components (eCNS280_TD V100R005C00/V100R005C10). The root cause is improper storage of specific information in a log file, allowing an attacker to retrieve sensitive data when a user logs into the device....

5.5CVSS5.3AI score0.00166EPSS
CVE
CVE
added 2020/08/17 2:52 p.m.63 views

CVE-2020-9242

The CVE-2020-9242 issue affects Huawei FusionCompute 8.0.0, where a command injection vulnerability exists due to insufficient validation of certain user-supplied parameters. The likely impact is that an authenticated attacker could execute arbitrary commands on affected systems. Huawei’s securit...

8.8CVSS8.7AI score0.01306EPSS
CVE
CVE
added 2024/12/27 9:50 a.m.62 views

CVE-2020-9222

CVE-2020-9222 affects Huawei FusionCompute. The vulnerability is a privilege-escalation issue caused by insufficient verification of specific files during deserialization, enabling local attackers to elevate permissions. Affected product/component: Huawei FusionCompute; root cause: improper deser...

7.8CVSS7AI score0.00111EPSS
CVE
CVE
added 2021/11/23 3:2 p.m.62 views

CVE-2021-37102

The CVE-2021-37102 issue affects Huawei FusionCompute’s CMA service module, where processing the default certificate file allows command injection due to inadequate input validation. Affected versions include FusionCompute 6.0.0, 6.3.0, 6.3.1, 6.5.0, 6.5.1, and 8.0.0. If exploited, an attacker co...

9CVSS8.8AI score0.00946EPSS
CVE
CVE
added 2020/08/14 2:50 p.m.60 views

CVE-2020-9229

Summary: CVE-2020-9229 is an information-disclosure vulnerability in Huawei FusionCompute 8.0.0. The issue stems from failing to protect certain information, allowing an attacker to obtain information. Affected product: Huawei FusionCompute 8.0.0 (VRM/CNA components mentioned in CNVD entry). Root...

4.4CVSS4.5AI score0.00224EPSS
CVE
CVE
added 2021/05/27 12:33 p.m.60 views

CVE-2021-22358

CVE-2021-22358 affects Huawei FusionCompute 8.0.0. The issue is an insufficient input validation vulnerability that allows an attacker to upload arbitrary files to the device, potentially causing the service to become abnormal. Documents from multiple sources confirm the root cause and impact, wi...

4.3CVSS4.6AI score0.00533EPSS
CVE
CVE
added 2020/08/21 1:33 p.m.56 views

CVE-2020-9246

CVE-2020-9246 affects Huawei FusionCompute 8.0.0. It is an information-disclosure vulnerability caused by a module not enforcing strict access control and information protection, allowing low-privilege attackers to obtain additional information. Public references (NVD, Red Hat, CNVD, Prio) corrob...

6.5CVSS6.3AI score0.00607EPSS
CVE
CVE
added 2020/11/12 1:50 p.m.55 views

CVE-2020-9128

CVE-2020-9128 affects Huawei FusionCompute 8.0.0, where an insecure encryption algorithm leads to partial information disclosure. Exploitation is described for attackers with elevated permissions, enabling information leak rather than full compromise. The Red Hat, CNVD, NVD and other feeds corrob...

4.4CVSS4.6AI score0.00112EPSS
CVE
CVE
added 2021/09/28 2:3 p.m.54 views

CVE-2021-37105

CVE-2021-37105 affects Huawei FusionCompute (VRM/CNA) with an improper file upload control vulnerability. FusionCompute versions 6.5.0, 6.5.1 and 8.0.0 fail to properly verify uploaded files or restrict file access paths, enabling an attacker to upload malicious files and cause service abnormalit...

7.5CVSS7.5AI score0.00636EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.53 views

CVE-2017-8158

Huawei FusionCompute (V100R005C00 and V100R005C10) contains an improper authorization vulnerability due to misconfigured host-file permissions. An authenticated attacker could trigger a denial by spawning a large number of VM processes, exhausting system resources and making new VMs unavailable. ...

6.5CVSS6.3AI score0.00199EPSS
CVE
CVE
added 2020/08/17 3:11 p.m.53 views

CVE-2020-9233

CVE-2020-9233 affects Huawei FusionCompute 8.0.0. The vulnerability is described as an insufficient authentication flaw that could enable an attacker to delete files and cause services to behave abnormally. The CVSS metrics in the public entry indicate high impact (CRITICAL in CVSS 3.1: 9.1) with...

9.1CVSS9.2AI score0.00775EPSS
CVE
CVE
added 2016/04/14 3:0 p.m.52 views

CVE-2015-8336

CVE-2015-8336 affects Huawei FusionCompute prior to V100R005C10SPC700. It enables remote authenticated users to obtain sensitive role and permission information via unspecified vectors due to an information disclosure vulnerability. Affected versions: FusionCompute before V100R005C10SPC700. Mitig...

4.3CVSS4.1AI score0.00597EPSS
CVE
CVE
added 2016/09/26 4:0 p.m.51 views

CVE-2016-6827

Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, enabling remote authenticated users to obtain sensitive information via unspecified vectors. Connected documents confirm the vulnerability originates from plaintext key storage and affects FusionCompute deployments...

6.5CVSS5.8AI score0.01016EPSS
CVE
CVE
added 2020/08/14 2:43 p.m.51 views

CVE-2020-9228

CVE-2020-9228 affects Huawei FusionCompute 8.0.0. The vulnerability is an information disclosure where the product fails to protect certain information, allowing potential leakage. Connected sources (NVD, Red Hat RH, CNVD, PRION, CVE list, and Huawei PSIRT) corroborate the INFO DISCLOSURE BMC con...

7.5CVSS7.1AI score0.00777EPSS
CVE
CVE
added 2020/07/31 12:24 p.m.51 views

CVE-2020-9248

CVE-2020-9248 affects Huawei FusionCompute 8.0.0; the vulnerability stems from a module that fails to verify input and improperly authorizes certain files, enabling privilege escalation and potential disruption of normal service. Exploitation details are not provided in the document set, but the ...

6.7CVSS6.7AI score0.00227EPSS
CVE
CVE
added 2021/09/28 2:2 p.m.51 views

CVE-2021-37106

CVE-2021-37106 affects Huawei FusionCompute CMA service module (versions 6.3.0, 6.3.1, 6.5.0 and 8.0.0). The issue is a command injection vulnerability that occurs when processing the default certificate file, where external input from users is used to build part of a command without sufficient v...

9CVSS7.1AI score0.00898EPSS