CVE-2018-7949
First published: Fri Jun 01 2018(Updated: )
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables low privileged users to get or modify passwords of highly privileged users.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei 1288h V5 Firmware | =100r005c00 | |
| Huawei 1288H V5 | ||
| Huawei 2288h V5 Firmware | =100r005c00 | |
| Huawei 2288h V5 | ||
| Huawei 2488 V5 Firmware | =100r005c00 | |
| Huawei 2488 V5 | ||
| Huawei Ch121 V3 Firmware | =100r001c00 | |
| Huawei Ch121 V3 | ||
| Huawei Ch121l V3 Firmware | =100r001c00 | |
| Huawei Ch121l V3 | ||
| Huawei Ch121l V5 Firmware | =100r001c00 | |
| Huawei Ch121l V5 | ||
| Huawei Ch121 V5 Firmware | =100r001c00 | |
| Huawei Ch121 V5 | ||
| Huawei Ch140 V3 Firmware | =100r001c00 | |
| Huawei Ch140 V3 | ||
| Huawei Ch140l V3 Firmware | =100r001c00 | |
| Huawei Ch140l V3 | ||
| Huawei Ch220 V3 Firmware | =100r001c00 | |
| Huawei Ch220 V3 | ||
| Huawei Ch222 V3 Firmware | =100r001c00 | |
| Huawei Ch222 V3 | ||
| Huawei Ch242 V3 Firmware | =100r001c00 | |
| Huawei Ch242 V3 | ||
| Huawei Ch242 V5 Firmware | =100r001c00 | |
| Huawei Ch242 V5 | ||
| Huawei Rh1288 V3 Firmware | =100r003c00 | |
| Huawei Rh1288 V3 | ||
| Huawei Rh2288 V3 Firmware | =100r003c00 | |
| Huawei Rh2288 V3 | ||
| Huawei Xh310 V3 Firmware | =100r003c00 | |
| Huawei Xh310 V3 | ||
| Huawei Xh321 V3 Firmware | =100r003c00 | |
| Huawei Xh321 V3 | ||
| Huawei Xh321 V5 Firmware | =100r005c00 | |
| Huawei Xh321 V5 | ||
| Huawei Rh2288h V3 Firmware | =100r003c00 | |
| Huawei Rh2288h V3 | ||
| Huawei Xh620 V3 Firmware | =100r003c00 | |
| Huawei Xh620 V3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei 1288h v5 firmware
- version/huawei 1288h v5 firmware/100r005c00
- canonical/huawei 1288h v5
- canonical/huawei 2288h v5 firmware
- version/huawei 2288h v5 firmware/100r005c00
- canonical/huawei 2288h v5
- canonical/huawei 2488 v5 firmware
- version/huawei 2488 v5 firmware/100r005c00
- canonical/huawei 2488 v5
- canonical/huawei ch121 v3 firmware
- version/huawei ch121 v3 firmware/100r001c00
- canonical/huawei ch121 v3
- canonical/huawei ch121l v3 firmware
- version/huawei ch121l v3 firmware/100r001c00
- canonical/huawei ch121l v3
- canonical/huawei ch121l v5 firmware
- version/huawei ch121l v5 firmware/100r001c00
- canonical/huawei ch121l v5
- canonical/huawei ch121 v5 firmware
- version/huawei ch121 v5 firmware/100r001c00
- canonical/huawei ch121 v5
- canonical/huawei ch140 v3 firmware
- version/huawei ch140 v3 firmware/100r001c00
- canonical/huawei ch140 v3
- canonical/huawei ch140l v3 firmware
- version/huawei ch140l v3 firmware/100r001c00
- canonical/huawei ch140l v3
- canonical/huawei ch220 v3 firmware
- version/huawei ch220 v3 firmware/100r001c00
- canonical/huawei ch220 v3
- canonical/huawei ch222 v3 firmware
- version/huawei ch222 v3 firmware/100r001c00
- canonical/huawei ch222 v3
- canonical/huawei ch242 v3 firmware
- version/huawei ch242 v3 firmware/100r001c00
- canonical/huawei ch242 v3
- canonical/huawei ch242 v5 firmware
- version/huawei ch242 v5 firmware/100r001c00
- canonical/huawei ch242 v5
- canonical/huawei rh1288 v3 firmware
- version/huawei rh1288 v3 firmware/100r003c00
- canonical/huawei rh1288 v3
- canonical/huawei rh2288 v3 firmware
- version/huawei rh2288 v3 firmware/100r003c00
- canonical/huawei rh2288 v3
- canonical/huawei xh310 v3 firmware
- version/huawei xh310 v3 firmware/100r003c00
- canonical/huawei xh310 v3
- canonical/huawei xh321 v3 firmware
- version/huawei xh321 v3 firmware/100r003c00
- canonical/huawei xh321 v3
- canonical/huawei xh321 v5 firmware
- version/huawei xh321 v5 firmware/100r005c00
- canonical/huawei xh321 v5
- canonical/huawei rh2288h v3 firmware
- version/huawei rh2288h v3 firmware/100r003c00
- canonical/huawei rh2288h v3
- canonical/huawei xh620 v3 firmware
- version/huawei xh620 v3 firmware/100r003c00
- canonical/huawei xh620 v3