Every CVE whose affected-product data names Huawei Fusioncompute, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2020-9233 — CVSS 9.1 (critical): FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and…
CVE-2020-9236 — CVSS 8.8 (high): There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some…
CVE-2021-37102 — CVSS 8.8 (high): There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The…
CVE-2020-9242 — CVSS 8.8 (high): FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user…
CVE-2020-9078 — CVSS 7.8 (high): FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to…
CVE-2020-9114 — CVSS 7.8 (high): FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege…
CVE-2020-9228 — CVSS 7.5 (high): FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may…
CVE-2021-37105 — CVSS 7.5 (high): There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to…
CVE-2020-9116 — CVSS 7.2 (high): Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific…
CVE-2021-37106 — CVSS 7.2 (high): There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default…
CVE-2020-9222 — CVSS 7.0 (high): There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need…
CVE-2020-9248 — CVSS 6.7 (medium): Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files…
CVE-2016-4057 — CVSS 6.5 (medium): Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a…
CVE-2017-8158 — CVSS 6.5 (medium): FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain…
CVE-2020-9246 — CVSS 6.5 (medium): FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection…
CVE-2016-6827 — CVSS 6.5 (medium): Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain…
CVE-2021-37036 — CVSS 5.5 (medium): There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10. Due to the improperly storage…
CVE-2020-9229 — CVSS 4.4 (medium): FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may…
CVE-2020-9128 — CVSS 4.4 (medium): FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this…
CVE-2021-22358 — CVSS 4.3 (medium): There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker…
CVE-2015-8336 — CVSS 4.3 (medium): Huawei FusionCompute with software before V100R005C10SPC700 allows remote authenticated users to obtain sensitive "role and permission"…