← Back

Ch220 V3 Firmware

ch220_v3_firmware

Vendor: Huawei • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-7943
1Huawei
201288h V5 Firmware
2288h V5 Firmware2488 V5 Firmware+17 more
Nov 21, 2024
Jun 5, 2018
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may e...Show more
There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege.Show less
CVE-2018-7951
1Huawei
201288h V5 Firmware
2288h V5 Firmware2488 V5 Firmware+17 more
Nov 21, 2024
Jun 1, 2018
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to mod...Show more
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system.Show less
CVE-2018-7950
1Huawei
201288h V5 Firmware
2288h V5 Firmware2488 V5 Firmware+17 more
Nov 21, 2024
Jun 1, 2018
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to mod...Show more
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system.Show less
CVE-2018-7949
1Huawei
201288h V5 Firmware
2288h V5 Firmware2488 V5 Firmware+17 more
Nov 21, 2024
Jun 1, 2018
N/A· v4
8.8 HIGH· v3
4.0 MEDIUM· v2
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to i...Show more
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables low privileged users to get or modify passwords of highly privileged users.Show less
CVE-2018-7941
1Huawei
201288h V5 Firmware
2288h V5 Firmware2488 V5 Firmware+17 more
Nov 21, 2024
May 10, 2018
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validat...Show more
Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.Show less
CVE-2015-7842
1Huawei
10Ch121 V3 Firmware
Ch220 V3 FirmwareCh222 V3 Firmware+7 more
May 13, 2026
Oct 10, 2017
N/A· v4
7.1 HIGH· v3
5.5 MEDIUM· v2
Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R0...Show more
Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 allow remote authenticated operators to change server information by leveraging failure to verify user permissions.Show less