Huawei Fusioncompute

21 CVEs affecting Huawei Fusioncompute. Latest disclosed: 2024-12-27. Critical: 1, High: 10.

Top CVEs affecting Huawei Fusioncompute
CVESeverityScorePublishedSummary
CVE-2020-9233Critical9.12020-08-17FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services a…
CVE-2020-9236High8.82024-12-27There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. A…
CVE-2021-37102High8.82021-11-23There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs…
CVE-2020-9242High8.82020-08-17FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit c…
CVE-2020-9114High7.82020-12-01FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with c…
CVE-2020-9078High7.82020-08-10FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to exploit this vulnerabil…
CVE-2021-37105High7.52021-09-28There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and doe…
CVE-2020-9228High7.52020-08-14FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerabilit…
CVE-2021-37106High7.22021-09-28There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. T…
CVE-2020-9116High7.22020-12-01Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit t…
CVE-2020-9222High7.02024-12-27There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized…
CVE-2020-9248Medium6.72020-07-31Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect acces…
CVE-2020-9246Medium6.52020-08-21FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection. Attackers with low privil…
CVE-2017-8158Medium6.52017-11-22FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machi…
CVE-2016-6827Medium6.52016-09-26Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via…
CVE-2016-4057Medium6.52016-06-30Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of craft…
CVE-2021-37036Medium5.52021-11-23There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10. Due to the improperly storage of specific informa…
CVE-2020-9128Medium4.42020-11-12FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause infor…
CVE-2020-9229Medium4.42020-08-14FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerabilit…
CVE-2021-22358Medium4.32021-05-27There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulne…