CVE-2020-9114
First published: Tue Dec 01 2020(Updated: )
FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause privilege escalation.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei FusionCompute | =6.3.0 | |
| Huawei FusionCompute | =6.3.1 | |
| Huawei FusionCompute | =6.5.0 | |
| Huawei FusionCompute | =6.5.1 | |
| Huawei FusionCompute | =8.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-9114?
CVE-2020-9114 is a privilege escalation vulnerability in FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1, and 8.0.0.
How severe is CVE-2020-9114?
CVE-2020-9114 has a severity rating of 7.8 (High).
What is the affected software?
The affected software versions are FusionCompute 6.3.0, 6.3.1, 6.5.0, 6.5.1, and 8.0.0.
How does CVE-2020-9114 affect Huawei FusionCompute?
CVE-2020-9114 allows an attacker with common privilege to gain administrator privilege in Huawei FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1, and 8.0.0.
How can I fix CVE-2020-9114?
To fix CVE-2020-9114, update the affected software to a version that includes the necessary security patches.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/huawei
- canonical/huawei fusioncompute
- version/huawei fusioncompute/6.3.0
- version/huawei fusioncompute/6.3.1
- version/huawei fusioncompute/6.5.0
- version/huawei fusioncompute/6.5.1
- version/huawei fusioncompute/8.0.0