There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HHuawei Fusioncompute
APPHuawei6.3.06.3.16.5.08.0.0
Powiązane podatności
FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerabili...
There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verificatio...
There is an improper interface design vulnerability in Huawei product. A module interface of the impated produ...
There is a command injection vulnerability in CMA service module of FusionCompute product when processing the ...
There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the imp...