CVE-2020-9222
HIGH WAF: Low
CVSS 7.8
Published: 2024-12-27
CWE-269
There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9222.
WAF Coverage Analysis
Improper Privilege Management
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| huawei | fusioncompute | 6.3.0 |
| huawei | fusioncompute | 6.3.1 |
| huawei | fusioncompute | 6.5.0 |
| huawei | fusioncompute | 6.5.1 |
| huawei | fusioncompute | 8.0.0 |
References
- www.huawei.com (Vendor Advisory)