CVE-2020-1790

Summary

GaussDB 200 with version of 6.5.1 have a command injection vulnerability. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands.

Affected Software

VendorProductVersion RangeStatus
HuaweiGaussDB 2006.5.1affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References