CVE-2018-7949

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables low privileged users to get or modify passwords of highly privileged users.

Published: Jun 1, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-7949
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
huawei / 1288h_v5_firmware	100r005c00	100r005c00.x
huawei / 2288h_v5_firmware	100r005c00	100r005c00.x
huawei / 2488_v5_firmware	100r005c00	100r005c00.x
huawei / ch121_v3_firmware	100r001c00	100r001c00.x
huawei / ch121l_v3_firmware	100r001c00	100r001c00.x
huawei / ch121l_v5_firmware	100r001c00	100r001c00.x
huawei / ch121_v5_firmware	100r001c00	100r001c00.x
huawei / ch140_v3_firmware	100r001c00	100r001c00.x
huawei / ch140l_v3_firmware	100r001c00	100r001c00.x
huawei / ch220_v3_firmware	100r001c00	100r001c00.x
huawei / ch222_v3_firmware	100r001c00	100r001c00.x
huawei / ch242_v3_firmware	100r001c00	100r001c00.x
huawei / ch242_v5_firmware	100r001c00	100r001c00.x
huawei / rh1288_v3_firmware	100r003c00	100r003c00.x
huawei / rh2288_v3_firmware	100r003c00	100r003c00.x
huawei / xh310_v3_firmware	100r003c00	100r003c00.x
huawei / xh321_v3_firmware	100r003c00	100r003c00.x
huawei / xh321_v5_firmware	100r005c00	100r005c00.x
huawei / rh2288h_v3_firmware	100r003c00	100r003c00.x
huawei / xh620_v3_firmware	100r003c00	100r003c00.x

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-03-server-en

Vulnerability Database

289,599

CVE-2018-7949