CVE-2020-9248

EUVD-2020-30077
Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Affected Products (NVD)
VendorProductVersion
huaweifusioncompute
8.0.0
𝑥
= Vulnerable software versions
References
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-01-fc-en
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-01-fc-en