Authentication Bypass Vulnerability in Huawei Servers
CVE-2018-7943

8.8HIGH

Key Information:

Vendor

McAfee
Status
1288h V5; 2288h V5; 2488 V5 ; Ch121 V3; Ch121l V3; Ch121l V5 ; Ch121 V5 ; Ch140 V3; Ch140l V3; Ch220 V3; Ch222 V3; Ch242 V3; Ch242 V5 ; Rh1288 V3; Rh2288 V3; Rh2288h V3; Xh310 V3; Xh321 V3; Xh321 V5; Xh620 V3
Vendor
CVE Published:
30 May 2018

What is CVE-2018-7943?

An authentication bypass vulnerability exists in certain Huawei servers, allowing remote attackers with basic privileges to circumvent authentication mechanisms. By executing specific operations, these attackers can gain unauthorized access to sensitive information and potentially escalate their privileges to that of high-level users. This risk highlights the importance of proper authentication controls in server configurations.

Affected Version(s)

1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3 1288H V5 V100R005C00

1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3 2288H V5 V100R005C00

1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3 2488 V5 V100R005C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.