Huawei

Fusioncompute

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2020-9246

  • EPSS 0.15%
  • Veröffentlicht 21.08.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:40:15

FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection. Attackers with low privilege can get some extra information. This can lead to information leak.

9.1

CVE-2020-9233

  • EPSS 0.14%
  • Veröffentlicht 17.08.2020 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:40:12

FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services abnormal.

8.8

CVE-2020-9242

  • EPSS 2.02%
  • Veröffentlicht 17.08.2020 15:15:15
  • Zuletzt bearbeitet 21.11.2024 05:40:14

FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack.

4.4

CVE-2020-9229

  • EPSS 0.03%
  • Veröffentlicht 14.08.2020 15:15:14
  • Zuletzt bearbeitet 21.11.2024 05:40:11

FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.

7.5

CVE-2020-9228

  • EPSS 0.15%
  • Veröffentlicht 14.08.2020 15:15:14
  • Zuletzt bearbeitet 21.11.2024 05:40:11

FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.

7.8

CVE-2020-9078

  • EPSS 0.02%
  • Veröffentlicht 10.08.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:59

FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compro...

6.7

CVE-2020-9248

  • EPSS 0.03%
  • Veröffentlicht 31.07.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:16

Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can...

6.5

CVE-2017-8158

  • EPSS 0.02%
  • Veröffentlicht 22.11.2017 19:29:03
  • Zuletzt bearbeitet 20.04.2025 01:37:25

FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine (VM) processes...

6.5

CVE-2016-6827

  • EPSS 0.11%
  • Veröffentlicht 26.09.2016 16:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

4.3

CVE-2015-8336

  • EPSS 0.08%
  • Veröffentlicht 14.04.2016 15:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Huawei FusionCompute with software before V100R005C10SPC700 allows remote authenticated users to obtain sensitive "role and permission" information via unspecified vectors.