github - ghsa-87gh-g484-3wp7

ghsa-87gh-g484-3wp7

Vulnerability from github

Published

2022-05-13 01:20

Modified

2022-05-13 01:20

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some information leak.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-7942"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-24T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some information leak.",
  "id": "GHSA-87gh-g484-3wp7",
  "modified": "2022-05-13T01:20:37Z",
  "published": "2022-05-13T01:20:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7942"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/143686"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180523-01-server-en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2018-7942 (GCVE-0-2018-7942)

Vulnerability from cvelistv5

Published

2018-05-24 14:00

Modified

2024-08-05 06:37

Severity ?

CWE

authentication bypass

Summary

References

►

URL

Tags

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180523-01-server-en

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	1288H V5; 2288H V5; 2488 V5; CH121 V3; CH121L V3; CH121L V5; CH121 V5; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3	Version: 1288H V5 V100R005C00 Version: 2288H V5 V100R005C00 Version: 2488 V5 V100R005C00 Version: CH121 V3 V100R001C00 Version: CH121L V3 V100R001C00 Version: CH121L V5 V100R001C00 Version: CH121 V5 V100R001C00 Version: CH140 V3 V100R001C00 Version: CH140L V3 V100R001C00 Version: CH220 V3 V100R001C00 Version: CH222 V3 V100R001C00 Version: CH242 V3 V100R001C00 Version: CH242 V5 V100R001C00 Version: RH1288 V3 V100R003C00 Version: RH2288 V3 V100R003C00 Version: RH2288H V3 V100R003C00 Version: XH310 V3 V100R003C00 Version: XH321 V3 V100R003C00 Version: XH321 V5 V100R005C00 Version: XH620 V3 V100R003C00

Show details on NVD website