Overview
- Description
- FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause privilege escalation.
- Source
- psirt@huawei.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-269
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:fusioncompute:6.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "319C5290-36D1-4A96-80D3-18978161557D"
},
{
"criteria": "cpe:2.3:a:huawei:fusioncompute:6.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9EFA1D96-F198-4424-8F5A-1C7DFF3F42AE"
},
{
"criteria": "cpe:2.3:a:huawei:fusioncompute:6.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB149F98-77DF-40C3-A307-21D7B9BCB6DA"
},
{
"criteria": "cpe:2.3:a:huawei:fusioncompute:6.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "916284A3-6895-4F2C-9426-240F4EB7336F"
},
{
"criteria": "cpe:2.3:a:huawei:fusioncompute:8.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D251AD0-6227-4190-815F-B526F40D8A43"
}
],
"operator": "OR"
}
]
}
]