CVE-2020-9137

Summary

There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation.

Affected Software

VendorProductVersion RangeStatus
n/aCloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800affected
n/aCloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800affected

Weaknesses

  • Privilege Escalation

ADP Enrichment

CVE Program Container

Additional References

References