CVE-2018-7943
First published: Wed May 30 2018(Updated: )
There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei 1288h V5 Firmware | =v100r005c00 | |
| Huawei 1288h V5 Firmware | ||
| Huawei 2288H V5 | =v100r005c00 | |
| Huawei 2288h V5 Firmware | ||
| Huawei 2488 V5 Firmware | =v100r005c00 | |
| Huawei 2488 V5 Firmware | ||
| Huawei Ch121 V3 Server Firmware | =v100r001c00 | |
| Huawei Fusionserver Ch121 V3 | ||
| Huawei Ch121l V3 Firmware | =v100r001c00 | |
| Huawei CH121L V3 | ||
| Huawei CH121L V5 Firmware | =v100r001c00 | |
| Huawei CH121L V5 Firmware | ||
| Huawei CH121L V5 | =v100r001c00 | |
| Huawei Ch121 V5 Firmware | ||
| Huawei Ch140 V3 Server Firmware | =v100r001c00 | |
| Huawei Ch140 V3 Server Firmware | ||
| Huawei CH140L V3 | =v100r001c00 | |
| Huawei CH140L V3 | ||
| Huawei Ch220 V3 Server | =v100r001c00 | |
| Huawei Ch220 V3 Server | ||
| Huawei Ch222 V3 | =v100r001c00 | |
| Huawei Fusionserver Ch222 V3 | ||
| huawei ch242 v3 firmware | =v100r001c00 | |
| huawei ch242 v3 | ||
| Huawei Ch242 V5 | =v100r001c00 | |
| Huawei Ch242 V5 Firmware | ||
| Huawei Rh1288 V3 Server Firmware | =v100r003c00 | |
| Huawei RH1288 V3 server | ||
| Huawei Rh2288 V3 Firmware | =v100r003c00 | |
| Huawei Fusionserver Rh2288 V3 | ||
| Huawei Rh2288h V3 Firmware | =v100r003c00 | |
| Huawei Fusionserver RH2288H V3 | ||
| Huawei Xh310 V3 Firmware | =v100r003c00 | |
| Huawei Xh310 V3 | ||
| Huawei Xh321 V3 Firmware | =v100r003c00 | |
| Huawei Xh321 V3 | ||
| Huawei Xh321 V5 Firmware | =v100r005c00 | |
| Huawei Xh321 V5 | ||
| Huawei Xh620 V3 Firmware | =v100r003c00 | |
| Huawei Xh620 V3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2018-7943?
CVE-2018-7943 has a medium severity level due to potential authentication bypass and exposure of sensitive information.
How do I fix CVE-2018-7943?
To fix CVE-2018-7943, update the firmware of affected Huawei servers to the latest version provided by Huawei.
Which systems are affected by CVE-2018-7943?
CVE-2018-7943 affects Huawei servers using specific firmware versions, including the Huawei 1288H V5, 2288H V5, and 2488 V5 running v100r005c00 and others.
What are the consequences of exploiting CVE-2018-7943?
Exploiting CVE-2018-7943 can allow an attacker to bypass authentication and potentially access sensitive information or perform unauthorized actions.
Is there a patch available for CVE-2018-7943?
Yes, Huawei has released patches to address CVE-2018-7943, which can be found in the latest firmware updates.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei 1288h v5 firmware
- version/huawei 1288h v5 firmware/v100r005c00
- canonical/huawei 2288h v5
- version/huawei 2288h v5/v100r005c00
- canonical/huawei 2288h v5 firmware
- canonical/huawei 2488 v5 firmware
- version/huawei 2488 v5 firmware/v100r005c00
- canonical/huawei ch121 v3 server firmware
- version/huawei ch121 v3 server firmware/v100r001c00
- canonical/huawei fusionserver ch121 v3
- canonical/huawei ch121l v3 firmware
- version/huawei ch121l v3 firmware/v100r001c00
- canonical/huawei ch121l v3
- canonical/huawei ch121l v5 firmware
- version/huawei ch121l v5 firmware/v100r001c00
- canonical/huawei ch121l v5
- version/huawei ch121l v5/v100r001c00
- canonical/huawei ch121 v5 firmware
- canonical/huawei ch140 v3 server firmware
- version/huawei ch140 v3 server firmware/v100r001c00
- canonical/huawei ch140l v3
- version/huawei ch140l v3/v100r001c00
- canonical/huawei ch220 v3 server
- version/huawei ch220 v3 server/v100r001c00
- canonical/huawei ch222 v3
- version/huawei ch222 v3/v100r001c00
- canonical/huawei fusionserver ch222 v3
- canonical/huawei ch242 v3 firmware
- version/huawei ch242 v3 firmware/v100r001c00
- canonical/huawei ch242 v3
- canonical/huawei ch242 v5
- version/huawei ch242 v5/v100r001c00
- canonical/huawei ch242 v5 firmware
- canonical/huawei rh1288 v3 server firmware
- version/huawei rh1288 v3 server firmware/v100r003c00
- canonical/huawei rh1288 v3 server
- canonical/huawei rh2288 v3 firmware
- version/huawei rh2288 v3 firmware/v100r003c00
- canonical/huawei fusionserver rh2288 v3
- canonical/huawei rh2288h v3 firmware
- version/huawei rh2288h v3 firmware/v100r003c00
- canonical/huawei fusionserver rh2288h v3
- canonical/huawei xh310 v3 firmware
- version/huawei xh310 v3 firmware/v100r003c00
- canonical/huawei xh310 v3
- canonical/huawei xh321 v3 firmware
- version/huawei xh321 v3 firmware/v100r003c00
- canonical/huawei xh321 v3
- canonical/huawei xh321 v5 firmware
- version/huawei xh321 v5 firmware/v100r005c00
- canonical/huawei xh321 v5
- canonical/huawei xh620 v3 firmware
- version/huawei xh620 v3 firmware/v100r003c00
- canonical/huawei xh620 v3