Path Traversal Vulnerability in GaussDB 200 by Huawei
CVE-2020-1853

6.5MEDIUM

Key Information:

Vendor
Huawei
Status
Gaussdb 200
Vendor
CVE Published:
17 February 2020

Summary

GaussDB 200 version 6.5.1 contains a path traversal vulnerability due to inadequate input path validation. An authenticated attacker could exploit this weakness to traverse directories, allowing them to download sensitive files to designated locations. This could lead to significant information leakage, posing a risk to the integrity and confidentiality of the system.

Affected Version(s)

GaussDB 200 6.5.1

References

http://www.huawei.com/en/psirt/security-advisories/huawei...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.