Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a specific input variable to obtain sensitive information from the database.
[
{
"product": "FusionAccess FusionAccess V100R005C10, FusionAccess V100R005C20",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "FusionAccess FusionAccess V100R005C10, FusionAccess V100R005C20"
}
]
}
]