First published: Mon Nov 30 2020(Updated: )
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei FusionCompute | =6.5.1 | |
Huawei FusionCompute | =8.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-9116.
Versions 6.5.1 and 8.0.0 of Huawei FusionCompute are affected by this vulnerability.
An authenticated, remote attacker can craft specific requests to exploit this vulnerability.
The severity of CVE-2020-9116 is high with a CVSS score of 7.2.
To fix this vulnerability, it is recommended to apply the security patch provided by Huawei. Please refer to the official security advisory for more details.