CVE-2020-9114Improper Privilege Management in Huawei Fusioncompute

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 95.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Fusioncompute
Timeline
PublishedDec 1
Latest updateMay 24

Description

FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause privilege escalation.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5huawei/fusioncompute6.3.0,6.3.1,6.5.0,6.5.1,8.0.0
NVDhuawei/fusioncompute5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-74qh-vr52-6vv4: FusionCompute versions 62022-05-24
CVEList
CVE-2020-9114: FusionCompute versions 62020-12-01
CVE-2020-9114 — Improper Privilege Management in Huawei | cvebase