CVE-2018-7941

Published May 10, 2018
Last updated 3 days ago
CVSS high 8.8
Overview

Description: Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.
Source: psirt@huawei.com
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-287
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch121_v3_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5283ACDA-CCB2-47F6-BCB6-5085E93B9F6F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch121_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2FF9E151-2924-47F8-A20B-E413C548F9AA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch121l_v3_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ACA0F25-613F-4D42-B634-6B7D3E57E3F4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch121l_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "58588D8E-57C2-466C-96DD-B7F679AC7EA7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch140_v3_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4B2CB6B-D216-4239-A023-5A22CDB17863"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch140_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B0C4EBB9-35CB-4EA3-80AA-005785806CB8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch140l_v3_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "955D2776-0288-4B9F-B7F1-246A857DEAA8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch140l_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AEF1B2D3-C978-4014-8FE6-1A39BCBA0F34"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch220_v3_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4929308D-56EE-4A2E-BD4A-8200A9D5BF8F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch220_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D6D24534-B42F-48F4-8E04-5C6CFD64C4B1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch222_v3_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30660352-38A5-455D-8779-35343DD44DE1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch222_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "69FEA658-EC41-4E35-B36D-42C4770E44ED"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch242_v3_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E85B51FC-9C85-4B5C-B544-40D1B02F06EC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch242_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D2637E43-1937-4320-AAF4-3770C332B66E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:rh1288_v3_firmware:100r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "453060FA-4F69-44F2-8DD5-CDCFEEA50A19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:rh1288_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C20F56E3-3F39-4038-9918-96F1EAB82A85"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:rh2288_v3_firmware:100r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D20D0CB7-84E0-4CE7-8F0D-51F44C967F79"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:rh2288_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "24C453A0-D125-4152-A8BF-E369F7D48322"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:rh2288h_v3_firmware:100r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03777710-8412-4675-A98F-E19AC1C0FFF0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:rh2288h_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1A0B7D22-4BCE-4BF0-9738-8EBEEB9ED643"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:xh310_v3_firmware:100r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D014565-6F10-4A2D-AA6B-1BDDD3CDD8FD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:xh310_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8823E10A-ADA2-4364-A4F3-A0BCD64DACC3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:xh321_v3_firmware:100r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "271064EB-1DC1-405F-88F5-A8F72270116E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:xh321_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC29DFDD-8B50-48FC-9700-BDF766B6986B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:xh620_v3_firmware:100r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79316C79-B48D-4FC6-BD8A-29350FB12234"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:xh620_v3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CA54C1AF-8F77-4D40-B938-38887782D3AF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch121_v5_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57A7E8BA-EF5A-4103-BF2E-0118FB53535E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch121_v5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "48D2E997-5EC8-46F3-9AC9-B06A01FBBF92"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch121l_v5_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57EFD6C9-5A39-4D9A-824E-6DD1B51C47D8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch121l_v5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4F9F3B0F-41E5-4846-B572-5EDB4BAE50F2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ch242_v5_firmware:100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2BAC240-B572-4BB3-B807-0B55BFCD2164"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ch242_v5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F38C6CB2-4851-43E9-B608-99857AEEE900"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:1288h_v5_firmware:100r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "970A03A9-3BD3-47CB-AE3E-DC6C354BB900"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:1288h_v5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A97FE467-E5EB-45B4-B7EA-2E8232307CEE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:2288h_v5_firmware:100r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6CF6E61-7CF1-4CEF-9282-17102E56B38E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:2288h_v5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0E01F546-8E5E-4A5A-B921-DF985FF1D7ED"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:2488_v5_firmware:100r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D757021-44CA-4B8D-A194-7B0DEE47E5B1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:2488_v5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C8494E22-C84A-4201-96A3-02D8CBAC7C02"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:xh321_v5_firmware:100r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70E83CF9-5D63-4D4B-AFD8-FAD77A48DF1A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:xh321_v5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "62587B2F-1C9F-4BE5-8E4B-8713ACAA0AA1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
