Huawei: >> Fusioncompute Security Vulnerabilities
FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection. Attackers with low privilege can get some extra information. This can lead to information leak.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-08-21
FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services abnormal.
CVSS Score
9.1
EPSS Score
0.001
Published
2020-08-17
FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack.
CVSS Score
8.8
EPSS Score
0.02
Published
2020-08-17
FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-08-14
FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.
CVSS Score
4.4
EPSS Score
0.0
Published
2020-08-14
FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-08-10
Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service.
CVSS Score
6.7
EPSS Score
0.0
Published
2020-07-31
FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine (VM) processes to exhaust system resources. Successful exploit could make new VMs unavailable.
CVSS Score
6.5
EPSS Score
0.0
Published
2017-11-22
Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.001
Published
2016-09-26
Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of crafted packets.
CVSS Score
6.5
EPSS Score
0.001
Published
2016-06-30