CVE-2018-7941
Severity Score
8.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.
Huawei iBMC V200R002C60 tiene una vulnerabilidad de omisión de autenticación. Un atacante remoto con bajos privilegios puede manipular mensajes específicos para subir un certificado de autenticación en los productos afectados. Debido a la validación incorrecta de la autoridad de subida, un exploit exitoso puede provocar la elevación de privilegios.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-03-09 CVE Reserved
- 2018-05-10 CVE Published
- 2024-07-05 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180509-01-bypass-en | 2018-06-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Ch121 V3 Firmware Search vendor "Huawei" for product "Ch121 V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch121 V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121 V3 Search vendor "Huawei" for product "Ch121 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121l V3 Firmware Search vendor "Huawei" for product "Ch121l V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch121l V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121l V3 Search vendor "Huawei" for product "Ch121l V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch140 V3 Firmware Search vendor "Huawei" for product "Ch140 V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch140 V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch140 V3 Search vendor "Huawei" for product "Ch140 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch140l V3 Firmware Search vendor "Huawei" for product "Ch140l V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch140l V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch140l V3 Search vendor "Huawei" for product "Ch140l V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch220 V3 Firmware Search vendor "Huawei" for product "Ch220 V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch220 V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch220 V3 Search vendor "Huawei" for product "Ch220 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch222 V3 Firmware Search vendor "Huawei" for product "Ch222 V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch222 V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch222 V3 Search vendor "Huawei" for product "Ch222 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch242 V3 Firmware Search vendor "Huawei" for product "Ch242 V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch242 V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch242 V3 Search vendor "Huawei" for product "Ch242 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh1288 V3 Firmware Search vendor "Huawei" for product "Rh1288 V3 Firmware" | 100r003c00 Search vendor "Huawei" for product "Rh1288 V3 Firmware" and version "100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh1288 V3 Search vendor "Huawei" for product "Rh1288 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh2288 V3 Firmware Search vendor "Huawei" for product "Rh2288 V3 Firmware" | 100r003c00 Search vendor "Huawei" for product "Rh2288 V3 Firmware" and version "100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh2288 V3 Search vendor "Huawei" for product "Rh2288 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh2288h V3 Firmware Search vendor "Huawei" for product "Rh2288h V3 Firmware" | 100r003c00 Search vendor "Huawei" for product "Rh2288h V3 Firmware" and version "100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh2288h V3 Search vendor "Huawei" for product "Rh2288h V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Xh310 V3 Firmware Search vendor "Huawei" for product "Xh310 V3 Firmware" | 100r003c00 Search vendor "Huawei" for product "Xh310 V3 Firmware" and version "100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Xh310 V3 Search vendor "Huawei" for product "Xh310 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Xh321 V3 Firmware Search vendor "Huawei" for product "Xh321 V3 Firmware" | 100r003c00 Search vendor "Huawei" for product "Xh321 V3 Firmware" and version "100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Xh321 V3 Search vendor "Huawei" for product "Xh321 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Xh620 V3 Firmware Search vendor "Huawei" for product "Xh620 V3 Firmware" | 100r003c00 Search vendor "Huawei" for product "Xh620 V3 Firmware" and version "100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Xh620 V3 Search vendor "Huawei" for product "Xh620 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121 V5 Firmware Search vendor "Huawei" for product "Ch121 V5 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch121 V5 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121 V5 Search vendor "Huawei" for product "Ch121 V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121l V5 Firmware Search vendor "Huawei" for product "Ch121l V5 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch121l V5 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121l V5 Search vendor "Huawei" for product "Ch121l V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch242 V5 Firmware Search vendor "Huawei" for product "Ch242 V5 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch242 V5 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch242 V5 Search vendor "Huawei" for product "Ch242 V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | 1288h V5 Firmware Search vendor "Huawei" for product "1288h V5 Firmware" | 100r005c00 Search vendor "Huawei" for product "1288h V5 Firmware" and version "100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | 1288h V5 Search vendor "Huawei" for product "1288h V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | 2288h V5 Firmware Search vendor "Huawei" for product "2288h V5 Firmware" | 100r005c00 Search vendor "Huawei" for product "2288h V5 Firmware" and version "100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | 2288h V5 Search vendor "Huawei" for product "2288h V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | 2488 V5 Firmware Search vendor "Huawei" for product "2488 V5 Firmware" | 100r005c00 Search vendor "Huawei" for product "2488 V5 Firmware" and version "100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | 2488 V5 Search vendor "Huawei" for product "2488 V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Xh321 V5 Firmware Search vendor "Huawei" for product "Xh321 V5 Firmware" | 100r005c00 Search vendor "Huawei" for product "Xh321 V5 Firmware" and version "100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Xh321 V5 Search vendor "Huawei" for product "Xh321 V5" | - | - |
Safe
|