CVE-2018-7942

🗓️ 24 May 2018 14:00:00Reported by huaweiType

iBMC of some Huawei servers has an authentication bypass vulnerability allowing unauthenticated remote attackers to leak information

Reporter	Title	Published	Views	Family All 7
CNVD	Intelligent Baseboard Management authentication bypass vulnerability in multiple Huawei products	28 May 201800:00	–	cnvd
Cvelist	CVE-2018-7942	24 May 201814:00	–	cvelist
EUVD	EUVD-2018-19654	7 Oct 202500:30	–	euvd
Huawei	Security Advisory - Authentication Bypass Vulnerability in Some Huawei Servers	23 May 201800:00	–	huawei
NVD	CVE-2018-7942	24 May 201814:29	–	nvd
Prion	Authentication flaw	24 May 201814:29	–	prion
ThreatPost	Huawei Patches Four Server Bugs Rated High Severity	31 May 201819:03	–	threatpost

NVD

Node

huawei 1288h_v5_firmwareMatch100r005c00

AND

huawei 1288h_v5Match-

Node

huawei 2288h_v5_firmwareMatch100r005c00

AND

huawei 2288h_v5Match-

Node

huawei 2488_v5_firmwareMatch100r005c00

AND

huawei 2488_v5Match-

Node

huawei ch242_v3_firmwareMatch100r001c00

AND

huawei ch242_v3Match-

Node

huawei ch121l_v3_firmwareMatch100r001c00

AND

huawei ch121l_v3Match-

Node

huawei ch121l_v5_firmwareMatch100r001c00

AND

huawei ch121l_v5Match-

Node

huawei ch121_v3_firmwareMatch100r001c00

AND

huawei ch121_v3Match-

[
  {
    "product": "1288H V5; 2288H V5; 2488 V5; CH121 V3; CH121L V3; CH121L V5; CH121 V5; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "1288H V5 V100R005C00"
      },
      {
        "status": "affected",
        "version": "2288H V5 V100R005C00"
      },
      {
        "status": "affected",
        "version": "2488 V5 V100R005C00"
      },
      {
        "status": "affected",
        "version": "CH121 V3 V100R001C00"
      },
      {
        "status": "affected",
        "version": "CH121L V3 V100R001C00"
      },
      {
        "status": "affected",
        "version": "CH121L V5 V100R001C00"
      },
      {
        "status": "affected",
        "version": "CH121 V5 V100R001C00"
      },
      {
        "status": "affected",
        "version": "CH140 V3 V100R001C00"
      },
      {
        "status": "affected",
        "version": "CH140L V3 V100R001C00"
      },
      {
        "status": "affected",
        "version": "CH220 V3 V100R001C00"
      },
      {
        "status": "affected",
        "version": "CH222 V3 V100R001C00"
      },
      {
        "status": "affected",
        "version": "CH242 V3 V100R001C00"
      },
      {
        "status": "affected",
        "version": "CH242 V5 V100R001C00"
      },
      {
        "status": "affected",
        "version": "RH1288 V3 V100R003C00"
      },
      {
        "status": "affected",
        "version": "RH2288 V3 V100R003C00"
      },
      {
        "status": "affected",
        "version": "RH2288H V3 V100R003C00"
      },
      {
        "status": "affected",
        "version": "XH310 V3 V100R003C00"
      },
      {
        "status": "affected",
        "version": "XH321 V3 V100R003C00"
      },
      {
        "status": "affected",
        "version": "XH321 V5 V100R005C00"
      },
      {
        "status": "affected",
        "version": "XH620 V3 V100R003C00"
      }
    ]
  }
]

Source	Link
huawei	www.huawei.com/en/psirt/security-advisories/huawei-sa-20180523-01-server-en
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/143686

21 Nov 2024 04:12Current

7.7High risk

Vulners AI Score7.7

CVSS 25

CVSS 37.5

EPSS0.00283