Fusioncompute@8.0.0 Security Vulnerabilities and Issues — Fusioncompute@8.0.0 CVE List

Lucene search

HuaweiFusioncompute8.0.0

16 matches found

CVE•added 2024/12/27 10:15 a.m.•62 views

CVE-2020-9236

There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operatation to compromise module service. (Vulnerability ID: HWPSIRT-2020-05010...

8.8CVSS8.5AI score0.00082EPSS

CVE•added 2020/12/01 1:15 a.m.•61 views

CVE-2020-9114

FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause p...

7.8CVSS7.7AI score0.00018EPSS

CVE•added 2020/12/01 12:15 a.m.•61 views

CVE-2020-9116

Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege.

7.2CVSS7.1AI score0.01506EPSS

CVE•added 2020/08/10 8:15 p.m.•56 views

CVE-2020-9078

FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.

7.8CVSS7.5AI score0.00024EPSS

CVE•added 2024/12/27 10:15 a.m.•48 views

CVE-2020-9222

There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241) This vulnerability has been a...

7.8CVSS7AI score0.0001EPSS

CVE•added 2020/08/17 3:15 p.m.•48 views

CVE-2020-9242

FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack.

8.8CVSS8.7AI score0.02018EPSS

CVE•added 2020/08/14 3:15 p.m.•43 views

CVE-2020-9229

FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.

4.4CVSS4.5AI score0.00031EPSS

CVE•added 2021/11/23 4:15 p.m.•43 views

CVE-2021-37102

There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful explo...

9CVSS8.8AI score0.00738EPSS

CVE•added 2021/05/27 1:15 p.m.•42 views

CVE-2021-22358

There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulnerability to upload any files to the device. Successful exploit may cause the service abnormal.

4.3CVSS4.6AI score0.00169EPSS

CVE•added 2020/08/21 2:15 p.m.•39 views

CVE-2020-9246

FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection. Attackers with low privilege can get some extra information. This can lead to information leak.

6.5CVSS6.3AI score0.00153EPSS

CVE•added 2021/09/28 3:15 p.m.•39 views

CVE-2021-37105

There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal.

7.5CVSS7.5AI score0.00182EPSS

CVE•added 2020/11/12 2:15 p.m.•37 views

CVE-2020-9128

FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak.

4.4CVSS4.6AI score0.00007EPSS

CVE•added 2020/08/17 4:15 p.m.•37 views

CVE-2020-9233

FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services abnormal.

9.1CVSS9.2AI score0.00141EPSS

CVE•added 2020/07/31 1:15 p.m.•37 views

CVE-2020-9248

Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service.

6.7CVSS6.7AI score0.00026EPSS

CVE•added 2020/08/14 3:15 p.m.•35 views

CVE-2020-9228

FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.

7.5CVSS7.1AI score0.00151EPSS

CVE•added 2021/09/28 3:15 p.m.•31 views

CVE-2021-37106

There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user i...

9CVSS7.1AI score0.00479EPSS