CVE-2018-7942
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some information leak.
iBMC (Intelligent Baseboard Management Controller) en algunos servidores Huawei tiene una vulnerabilidad de omisión de autenticación. Un atacante remoto no autenticado podría enviar algunos mensajes especialmente manipulados a los productos afectados. Debido al diseño incorrecto de la autenticación, su explotación con éxito podría provocar un filtrado de información.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-03-09 CVE Reserved
- 2018-05-24 CVE Published
- 2023-07-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180523-01-server-en | Broken Link | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/143686 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | 1288h V5 Firmware Search vendor "Huawei" for product "1288h V5 Firmware" | 100r005c00 Search vendor "Huawei" for product "1288h V5 Firmware" and version "100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | 1288h V5 Search vendor "Huawei" for product "1288h V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | 2288h V5 Firmware Search vendor "Huawei" for product "2288h V5 Firmware" | 100r005c00 Search vendor "Huawei" for product "2288h V5 Firmware" and version "100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | 2288h V5 Search vendor "Huawei" for product "2288h V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | 2488 V5 Firmware Search vendor "Huawei" for product "2488 V5 Firmware" | 100r005c00 Search vendor "Huawei" for product "2488 V5 Firmware" and version "100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | 2488 V5 Search vendor "Huawei" for product "2488 V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch242 V3 Firmware Search vendor "Huawei" for product "Ch242 V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch242 V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch242 V3 Search vendor "Huawei" for product "Ch242 V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121l V3 Firmware Search vendor "Huawei" for product "Ch121l V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch121l V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121l V3 Search vendor "Huawei" for product "Ch121l V3" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121l V5 Firmware Search vendor "Huawei" for product "Ch121l V5 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch121l V5 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121l V5 Search vendor "Huawei" for product "Ch121l V5" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121 V3 Firmware Search vendor "Huawei" for product "Ch121 V3 Firmware" | 100r001c00 Search vendor "Huawei" for product "Ch121 V3 Firmware" and version "100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121 V3 Search vendor "Huawei" for product "Ch121 V3" | - | - |
Safe
|