There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9222.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HHuawei Fusioncompute
APPHuawei6.3.06.3.16.5.06.5.18.0.0
Related vulnerabilities
FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerabili...
There is an improper interface design vulnerability in Huawei product. A module interface of the impated produ...
There is a command injection vulnerability in CMA service module of FusionCompute product when processing the ...
There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the imp...
There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0....