CVE-2020-9207
published 2020-12-29CVE-2020-9207: There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| huawei | cloudengine_12800 | — | — |
| huawei | cloudengine_12800_firmware | — | — |
| huawei | cloudengine_5800 | — | — |
| huawei | cloudengine_5800_firmware | — | — |
| huawei | cloudengine_6800 | — | — |
| huawei | cloudengine_6800 | — | — |
| huawei | cloudengine_6800_firmware | — | — |
| huawei | cloudengine_6800_firmware | — | — |
| huawei | cloudengine_7800 | — | — |
| huawei | cloudengine_7800_firmware | — | — |