cvedb.io
CVE-2021-37106
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2021-09-28T15:15:07.503 · Last modified 2026-06-17T03:59:58.907

Summary

There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system.

Affected products

huawei — fusioncompute

Does this affect you?

Add your gear to cvedb and we'll alert you only when huawei ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.