Authentication flaw

2018-05-2414:29:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.4%

JSON

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some information leak.

CPENameOperatorVersion
1288h_v5_firmwareeq100.0.0-r5-c0
2288h_v5_firmwareeq100.0.0-r5-c0
2488_v5_firmwareeq100.0.0-r5-c0
ch121_v3_firmwareeq100.0.0-r1-c0
ch121l_v3_firmwareeq100.0.0-r1-c0
ch121l_v5_firmwareeq100.0.0-r1-c0
ch242_v3_firmwareeq100.0.0-r1-c0

Name	Operator	Version
1288h_v5_firmware	eq	100.0.0-r5-c0
2288h_v5_firmware	eq	100.0.0-r5-c0
2488_v5_firmware	eq	100.0.0-r5-c0
ch121_v3_firmware	eq	100.0.0-r1-c0
ch121l_v3_firmware	eq	100.0.0-r1-c0
ch121l_v5_firmware	eq	100.0.0-r1-c0
ch242_v3_firmware	eq	100.0.0-r1-c0