CVE-2018-7942

4 documents4 sources
Severity
7.5HIGH
EPSS
0.3%
top 48.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Huawei 1288h V5 FirmwareHuawei 2288h V5 FirmwareHuawei 2488 V5 Firmware+4 more
Timeline
PublishedMay 24
Latest updateMay 13

Description

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some information leak.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages7 packages

NVDhuawei/2488_v5_firmware100r005c00
NVDhuawei/1288h_v5_firmware100r005c00
NVDhuawei/2288h_v5_firmware100r005c00
NVDhuawei/ch121_v3_firmware100r001c00
NVDhuawei/ch242_v3_firmware100r001c00

🔴Vulnerability Details

3
GHSA
GHSA-87gh-g484-3wp7: The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability2022-05-13
OSV
libx11 vulnerabilities2018-08-30
CVEList
CVE-2018-7942: The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability2018-05-24
CVE-2018-7942 (HIGH CVSS 7.5) | The iBMC (Intelligent Baseboard Man | cvebase.io