1. Home
  2. CVE Database
  3. CVE-2018-7941
HIGH · 8.8

CVE-2018-7941

Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due...

Vulnerability Description

Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.

CVSS Score

8.8

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
HuaweiCh121 V3 Firmware100r001c00
HuaweiCh121 V3-
HuaweiCh121L V3 Firmware100r001c00
HuaweiCh121L V3-
HuaweiCh140 V3 Firmware100r001c00
HuaweiCh140 V3-
HuaweiCh140L V3 Firmware100r001c00
HuaweiCh140L V3-
HuaweiCh220 V3 Firmware100r001c00
HuaweiCh220 V3-
HuaweiCh222 V3 Firmware100r001c00
HuaweiCh222 V3-
HuaweiCh242 V3 Firmware100r001c00
HuaweiCh242 V3-
HuaweiRh1288 V3 Firmware100r003c00
HuaweiRh1288 V3-
HuaweiRh2288 V3 Firmware100r003c00
HuaweiRh2288 V3-
HuaweiRh2288H V3 Firmware100r003c00
HuaweiRh2288H V3-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2018-7941?

CVE-2018-7941 is a vulnerability with a CVSS score of 8.8 (HIGH). Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due...

How severe is CVE-2018-7941?

CVE-2018-7941 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-7941?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Ch121 V3 Firmware, Huawei Ch121 V3, Huawei Ch121L V3 Firmware, Huawei Ch121L V3, Huawei Ch140 V3 Firmware.