First published: Mon Aug 17 2020(Updated: )
FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei FusionCompute | =8.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-9242 is a command injection vulnerability in Huawei FusionCompute 8.0.0.
The vulnerability occurs due to insufficient validation of certain parameters post from the user.
The severity of CVE-2020-9242 is high with a CVSS score of 8.8.
An authenticated attacker can launch a command injection attack by exploiting CVE-2020-9242.
It is recommended to update to a patched version of Huawei FusionCompute to fix the CVE-2020-9242 vulnerability.