CVE-2020-9236

There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operatation to compromise module service. (Vulnerability ID: HWPSIRT-2020-05010) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9236.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-fc-en	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:huawei:fusioncompute:8.0.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-12-27 10:15

Updated : 2025-01-14 18:35

NVD link : CVE-2020-9236

Mitre link : CVE-2020-9236

CVE.ORG link : CVE-2020-9236

JSON object : View

Products Affected

huawei

fusioncompute

CWE

CWE-451

User Interface (UI) Misrepresentation of Critical Information

NVD-CWE-noinfo

{"id": "CVE-2020-9236", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-12-27T10:15:15.930", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-fc-en", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-451"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operatation to compromise module service. (Vulnerability ID: HWPSIRT-2020-05010)\n\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9236."}, {"lang": "es", "value": "Existe una vulnerabilidad de dise\u00f1o de interfaz incorrecta en un producto de Huawei. La interfaz de un m\u00f3dulo del producto afectado no gestiona correctamente algunas operaciones. Los atacantes pueden aprovechar esta vulnerabilidad para realizar operaciones maliciosas que pongan en peligro el servicio del m\u00f3dulo. (ID de vulnerabilidad: HWPSIRT-2020-05010) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposici\u00f3n com\u00fan (CVE): CVE-2020-9236."}], "lastModified": "2025-01-14T18:35:32.857", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:huawei:fusioncompute:8.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D251AD0-6227-4190-815F-B526F40D8A43"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}