Huawei Fusioncompute
21 CVEs affecting Huawei Fusioncompute. Latest disclosed: 2024-12-27. Critical: 1, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-9233 | Critical | 9.1 | 2020-08-17 | FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services a… |
CVE-2020-9236 | High | 8.8 | 2024-12-27 | There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. A… |
CVE-2021-37102 | High | 8.8 | 2021-11-23 | There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs… |
CVE-2020-9242 | High | 8.8 | 2020-08-17 | FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit c… |
CVE-2020-9114 | High | 7.8 | 2020-12-01 | FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with c… |
CVE-2020-9078 | High | 7.8 | 2020-08-10 | FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to exploit this vulnerabil… |
CVE-2021-37105 | High | 7.5 | 2021-09-28 | There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and doe… |
CVE-2020-9228 | High | 7.5 | 2020-08-14 | FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerabilit… |
CVE-2021-37106 | High | 7.2 | 2021-09-28 | There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. T… |
CVE-2020-9116 | High | 7.2 | 2020-12-01 | Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit t… |
CVE-2020-9222 | High | 7.0 | 2024-12-27 | There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized… |
CVE-2020-9248 | Medium | 6.7 | 2020-07-31 | Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect acces… |
CVE-2020-9246 | Medium | 6.5 | 2020-08-21 | FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection. Attackers with low privil… |
CVE-2017-8158 | Medium | 6.5 | 2017-11-22 | FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machi… |
CVE-2016-6827 | Medium | 6.5 | 2016-09-26 | Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via… |
CVE-2016-4057 | Medium | 6.5 | 2016-06-30 | Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of craft… |
CVE-2021-37036 | Medium | 5.5 | 2021-11-23 | There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10. Due to the improperly storage of specific informa… |
CVE-2020-9128 | Medium | 4.4 | 2020-11-12 | FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause infor… |
CVE-2020-9229 | Medium | 4.4 | 2020-08-14 | FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerabilit… |
CVE-2021-22358 | Medium | 4.3 | 2021-05-27 | There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulne… |