CVE-2020-9233 — Improper Authentication in Huawei Fusioncompute

CWE-287 — Improper Authentication3 documents3 sources

Severity

9.1CRITICALNVD

EPSS

0.1%

top 65.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Fusioncompute

Timeline

PublishedAug 17

Latest updateMay 24

Description

FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services abnormal.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages2 packages

▶CVEListV5huawei/fusioncompute8.0.0

▶NVDhuawei/fusioncompute8.0.0

🔴Vulnerability Details

GHSA

GHSA-3v8h-w3v6-jj53: FusionCompute 8↗2022-05-24

▶

CVEList

CVE-2020-9233: FusionCompute 8↗2020-08-17

▶