CVE-2020-9248

6.7MEDIUM

Key Information:

Vendor: Huawei
Status: Fusioncompute
Vendor: CVE Published:; 31 July 2020

Summary

Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service.

Affected Version(s)

FusionCompute 8.0.0

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2020
Vulnerability Reserved
Feb 18, 2020