CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-37036
https://notcve.org/view.php?id=CVE-2021-37036
23 Nov 2021 — There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10. Due to the improperly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause the information leak. Se presenta una vulnerabilidad de filtrado de información en FusionCompute versiones 6.5.1, eCNS280_TD V100R005C00 y V100R005C10. Debido al almacenamiento inapropiado de información específica en el archiv... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210818-01-informationleak-en • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8158
https://notcve.org/view.php?id=CVE-2017-8158
22 Nov 2017 — FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine (VM) processes to exhaust system resources. Successful exploit could make new VMs unavailable. FusionCompute V100R005C00 y V100R005C10 tiene una vulnerabilidad de autorización incorrecta debido a una configuración de permisos incorrecta para un archivo determinado en la máqui... • http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170927-01-dos-en • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6827
https://notcve.org/view.php?id=CVE-2016-6827
26 Sep 2016 — Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors. Huawei FusionCompute en versiones anteriores a V100R005C10CP7002 almacena claves AES de texto plano en un archivo, lo que permite a usuarios remotos autenticados obtener información sensible a través de vectores no especificados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-fusioncompute-EN • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4057
https://notcve.org/view.php?id=CVE-2016-4057
30 Jun 2016 — Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of crafted packets. Huawei FusionCompute en versiones anteriores a V100R005C10SPC700 permite a usuarios remotos autenticados provocar una denegación de servicio (consumo de recurso) a través de un gran número de paquetes manipulados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-fusioncompute-en • CWE-399: Resource Management Errors •