First published: Fri Jul 31 2020(Updated: )
Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei FusionCompute | =8.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-9248.
The severity level of CVE-2020-9248 is medium.
The vulnerability allows attackers to launch privilege escalation attacks, compromising normal service.
Attackers can exploit the vulnerability by manipulating and authorizing files with incorrect access.
For information on how to fix CVE-2020-9248, please refer to the official Huawei security advisory: [https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-01-fc-en](https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-01-fc-en)