Vulnerability Details CVE-2020-9207
There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2020-9207
-
cpe:2.3:h:huawei:cloudengine_12800:-
-
cpe:2.3:h:huawei:cloudengine_5800:-
-
cpe:2.3:h:huawei:cloudengine_6800:-
-
cpe:2.3:h:huawei:cloudengine_7800:-
-
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800
-
cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800
-
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800
-
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800
-
cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800