PT-2020-20538 · Huawei · Fusioncompute
Published
2020-08-17
·
Updated
2021-07-21
·
CVE-2020-9242
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
FusionCompute version 8.0.0
Description
The issue arises from insufficient validation of certain parameters posted by users, allowing an authenticated attacker to potentially launch a command injection attack.
Recommendations
For FusionCompute version 8.0.0, ensure proper validation of user-posted parameters to prevent command injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fusioncompute