CVE-2020-9246 — Sensitive Information Exposure in Huawei Fusioncompute

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.2%

top 63.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Fusioncompute

Timeline

PublishedAug 21

Latest updateMay 24

Description

FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection. Attackers with low privilege can get some extra information. This can lead to information leak.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5huawei/fusioncompute8.0.0

▶NVDhuawei/fusioncompute8.0.0

🔴Vulnerability Details

GHSA

GHSA-hggr-m5fg-ch3h: FusionCompute 8↗2022-05-24

▶

CVEList

CVE-2020-9246: FusionCompute 8↗2020-08-21

▶