CVE-2018-7942
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some information leak.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 100r005c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei 1288h V5 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 100r005c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei 2288h V5 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 100r005c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei 2488 V5 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 100r001c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ch242 V3 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 100r001c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ch121l V3 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 100r001c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ch121l V5 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 100r001c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ch121 V3 | All versions |
References (3)
Source: psirt@huawei.com
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Timeline
No history available yet.