Details of VAR-201806-1709

ID

VAR-201806-1709

CVE

CVE-2018-7949

TITLE

plural Huawei Authentication vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-005604

DESCRIPTION

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables low privileged users to get or modify passwords of highly privileged users. plural Huawei The product contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei1288HV5 and other Huawei server models are different types of servers. IntelligentBaseboardManagementController (iBMC) is one of the embedded server intelligent management systems. There are privilege escalation vulnerabilities in iBMC in various Huawei products. Huawei 1288H V5, etc. The following products and versions are affected: Huawei 1288H V5 V100R005C00 Version; 2288H V5 V100R005C00 Version; 2488 V5 V100R005C00 Version; CH121 V3 V100R001C00 Version; CH121L V3 V100R001C00 Version; CH121L V5 V100R001C00 Version; CH121 V5 V100R001C00 Version; CH140 V3 V100R001C00 Version; CH140L V3 V100R001C00 Version; CH220 V3 V100R001C00 Version; CH222 V3 V100R001C00 Version; CH242 V3 V100R001C00 Version; CH242 V5 V100R001C00 Version; RH1288 V3 V100R003C00 Version; RH2288 V3 V100R003C00 Version; RH2288H V3 V100R003C00 Version; XH310 V3 V100R003C00 Version; XH321 V3 V100R003C00 Version; XH321 V5 V100R005C00 version; XH620 V3 V100R003C00 version

Trust: 2.25

sources: NVD: CVE-2018-7949 // JVNDB: JVNDB-2018-005604 // CNVD: CNVD-2018-11506 // VULHUB: VHN-137981

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-11506

AFFECTED PRODUCTS

vendor:	huawei	model:	rh1288 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	xh310 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	xh321 v5	scope:	eq	version:	100r005c00	Trust: 1.6
vendor:	huawei	model:	ch220 v3	scope:	eq	version:	100r001c00	Trust: 1.6
vendor:	huawei	model:	rh2288h v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	ch242 v5	scope:	eq	version:	100r001c00	Trust: 1.6
vendor:	huawei	model:	xh321 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	ch242 v3	scope:	eq	version:	100r001c00	Trust: 1.6
vendor:	huawei	model:	rh2288 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	xh620 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	2288h v5	scope:	eq	version:	100r005c00	Trust: 1.0
vendor:	huawei	model:	ch121 v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch121 v5	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch121l v5	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch140l v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	2488 v5	scope:	eq	version:	100r005c00	Trust: 1.0
vendor:	huawei	model:	ch121l v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch140 v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	1288h v5	scope:	eq	version:	100r005c00	Trust: 1.0
vendor:	huawei	model:	ch222 v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	1288h v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	2288h v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	2488 v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch121 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch121 v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch121l v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch121l v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch140 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch140l v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch220 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch222 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch242 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch242 v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	rh1288 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	rh2288 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	rh2288h v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	xh310 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	xh321 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	xh321 v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	xh620 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	rh1288 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	rh2288 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	rh2288h v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	1288h v100r005c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	2288h v100r005c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	ch121 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch121l v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch121l v100r001c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	ch121 v100r001c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	ch140 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch140l	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch220 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch222 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch242 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch242 v100r001c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	v100r005c00	scope:	eq	version:	2488v5	Trust: 0.6
vendor:	huawei	model:	xh310 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	xh321 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	xh620 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	xh321 v100r005c00	scope:	eq	version:	v5	Trust: 0.6

sources: CNVD: CNVD-2018-11506 // JVNDB: JVNDB-2018-005604 // CNNVD: CNNVD-201806-140 // NVD: CVE-2018-7949

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7949
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-7949
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-11506
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201806-140
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-137981
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-7949
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11506
severity:	HIGH
baseScore:	8.3
vectorString:	AV:N/AC:L/AU:M/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	MULTIPLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-137981
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-7949
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-11506 // VULHUB: VHN-137981 // JVNDB: JVNDB-2018-005604 // CNNVD: CNNVD-201806-140 // NVD: CVE-2018-7949

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.9

sources: VULHUB: VHN-137981 // JVNDB: JVNDB-2018-005604 // NVD: CVE-2018-7949

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-140

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201806-140

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-005604

PATCH

title:	huawei-sa-20180530-03-server	url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-03-server-en	Trust: 0.8
title:	Patches for various Huawei products IntelligentBaseboardManagementController privilege escalation vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/132011	Trust: 0.6
title:	Multiple Huawei product Intelligent Baseboard Management Controller Fixes for permission permissions and access control vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80497	Trust: 0.6

sources: CNVD: CNVD-2018-11506 // JVNDB: JVNDB-2018-005604 // CNNVD: CNNVD-201806-140

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7949	Trust: 3.1
db:	JVNDB	id:	JVNDB-2018-005604	Trust: 0.8
db:	CNNVD	id:	CNNVD-201806-140	Trust: 0.7
db:	CNVD	id:	CNVD-2018-11506	Trust: 0.6
db:	VULHUB	id:	VHN-137981	Trust: 0.1

sources: CNVD: CNVD-2018-11506 // VULHUB: VHN-137981 // JVNDB: JVNDB-2018-005604 // CNNVD: CNNVD-201806-140 // NVD: CVE-2018-7949

REFERENCES

url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-03-server-en	Trust: 2.3
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7949	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7949	Trust: 0.8

sources: CNVD: CNVD-2018-11506 // VULHUB: VHN-137981 // JVNDB: JVNDB-2018-005604 // CNNVD: CNNVD-201806-140 // NVD: CVE-2018-7949

SOURCES

db:	CNVD	id:	CNVD-2018-11506
db:	VULHUB	id:	VHN-137981
db:	JVNDB	id:	JVNDB-2018-005604
db:	CNNVD	id:	CNNVD-201806-140
db:	NVD	id:	CVE-2018-7949

LAST UPDATE DATE

2024-11-23T23:05:05.309000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11506	date:	2018-06-14T00:00:00
db:	VULHUB	id:	VHN-137981	date:	2018-07-05T00:00:00
db:	JVNDB	id:	JVNDB-2018-005604	date:	2018-07-24T00:00:00
db:	CNNVD	id:	CNNVD-201806-140	date:	2018-06-04T00:00:00
db:	NVD	id:	CVE-2018-7949	date:	2024-11-21T04:13:00.580

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-11506	date:	2018-06-14T00:00:00
db:	VULHUB	id:	VHN-137981	date:	2018-06-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-005604	date:	2018-07-24T00:00:00
db:	CNNVD	id:	CNNVD-201806-140	date:	2018-06-04T00:00:00
db:	NVD	id:	CVE-2018-7949	date:	2018-06-01T14:29:00.787