cbcvebase.
CVE-2018-7943
published 2018-06-05

CVE-2018-7943: There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special…

high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege.

Affected

23 ranges
VendorProductVersion rangeFixed in
huawei1288h_v5_firmware
huawei2288h_v5_firmware
huawei2488_v5_firmware
huaweich121_v3_firmware
huaweich121_v5_firmware
huaweich121l_v3_firmware
huaweich121l_v5_firmware
huaweich140_v3_firmware
huaweich140l_v3_firmware
huaweich220_v3_firmware
huaweich222_v3_firmware
huaweich242_v3_firmware
huaweich242_v5_firmware
huaweirh1288_v3_firmware
huaweirh2288_v3_firmware
huaweirh2288h_v3_firmware
huaweixh310_v3_firmware
huaweixh321_v3_firmware
huaweixh321_v5_firmware
huaweixh620_v3_firmware
x.orglibx11>= 0 < 2:1.6.2-1ubuntu2.12:1.6.2-1ubuntu2.1
x.orglibx11>= 0 < 2:1.6.3-1ubuntu2.12:1.6.3-1ubuntu2.1
x.orglibx11>= 0 < 2:1.6.4-3ubuntu0.12:1.6.4-3ubuntu0.1

CVSS provenance

nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL