Vulnerabilities > CVE-2018-7942 - Unspecified vulnerability in Huawei products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

huawei

NVD

Published: 2018-05-24

Updated: 2020-08-24

Summary

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some information leak.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei 1288H V5 Firmware 100R005C00 Huawei 2288H V5 Firmware 100R005C00 Huawei 2488 V5 Firmware 100R005C00 Huawei Ch242 V3 Firmware 100R001C00 Huawei Ch121L V3 Firmware 100R001C00 Huawei Ch121L V5 Firmware 100R001C00 Huawei Ch121 V3 Firmware 100R001C00	7
Hardware	Huawei Huawei 1288H V5 - Huawei 2288H V5 - Huawei 2488 V5 - Huawei Ch242 V3 - Huawei Ch121L V3 - Huawei Ch121L V5 - Huawei Ch121 V3 -	7

Summary

Vulnerable Configurations

References