Details of VAR-201806-1710

ID

VAR-201806-1710

CVE

CVE-2018-7950

TITLE

plural Huawei Server product injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-005553

DESCRIPTION

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system. plural Huawei Server products contain injection vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei1288HV5 and other Huawei server models are different types of servers. IntelligentBaseboardManagementController (iBMC) is one of the embedded server intelligent management systems. Huawei 1288H V5, etc. The following products and versions are affected: Huawei 1288H V5 V100R005C00 Version; 2288H V5 V100R005C00 Version; 2488 V5 V100R005C00 Version; CH121 V3 V100R001C00 Version; CH121L V3 V100R001C00 Version; CH121L V5 V100R001C00 Version; CH121 V5 V100R001C00 Version; CH140 V3 V100R001C00 Version; CH140L V3 V100R001C00 Version; CH220 V3 V100R001C00 Version; CH222 V3 V100R001C00 Version; CH242 V3 V100R001C00 Version; CH242 V5 V100R001C00 Version; RH1288 V3 V100R003C00 Version; RH2288 V3 V100R003C00 Version; RH2288H V3 V100R003C00 Version; XH310 V3 V100R003C00 Version; XH321 V3 V100R003C00 Version; XH321 V5 V100R005C00 version; XH620 V3 V100R003C00 version

Trust: 2.25

sources: NVD: CVE-2018-7950 // JVNDB: JVNDB-2018-005553 // CNVD: CNVD-2018-11505 // VULHUB: VHN-137982

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-11505

AFFECTED PRODUCTS

vendor:	huawei	model:	rh1288 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	xh310 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	xh321 v5	scope:	eq	version:	100r005c00	Trust: 1.6
vendor:	huawei	model:	rh2288h v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	ch242 v5	scope:	eq	version:	100r001c00	Trust: 1.6
vendor:	huawei	model:	xh321 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	ch242 v3	scope:	eq	version:	100r001c00	Trust: 1.6
vendor:	huawei	model:	1288h v5	scope:	eq	version:	100r005c00	Trust: 1.6
vendor:	huawei	model:	rh2288 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	xh620 v3	scope:	eq	version:	100r003c00	Trust: 1.6
vendor:	huawei	model:	2288h v5	scope:	eq	version:	100r005c00	Trust: 1.0
vendor:	huawei	model:	ch220 v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch121 v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch121 v5	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch121l v5	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch140l v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	2488 v5	scope:	eq	version:	100r005c00	Trust: 1.0
vendor:	huawei	model:	ch121l v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch140 v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	ch222 v3	scope:	eq	version:	100r001c00	Trust: 1.0
vendor:	huawei	model:	1288h v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	2288h v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	2488 v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch121 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch121 v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch121l v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch121l v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch140 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch140l v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch220 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch222 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch242 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ch242 v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	rh1288 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	rh2288 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	rh2288h v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	xh310 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	xh321 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	xh321 v5	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	xh620 v3	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	rh1288 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	rh2288 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	rh2288h v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	1288h v100r005c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	2288h v100r005c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	ch121 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch121l v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch121l v100r001c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	ch121 v100r001c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	ch140 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch140l	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch220 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch222 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch242 v100r001c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	ch242 v100r001c00	scope:	eq	version:	v5	Trust: 0.6
vendor:	huawei	model:	v100r005c00	scope:	eq	version:	2488v5	Trust: 0.6
vendor:	huawei	model:	xh310 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	xh321 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	xh620 v100r003c00	scope:	eq	version:	v3	Trust: 0.6
vendor:	huawei	model:	xh321 v100r005c00	scope:	eq	version:	v5	Trust: 0.6

sources: CNVD: CNVD-2018-11505 // JVNDB: JVNDB-2018-005553 // CNNVD: CNNVD-201806-139 // NVD: CVE-2018-7950

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7950
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-7950
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-11505
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201806-139
value:	HIGH
Trust: 0.6
VULHUB:	VHN-137982
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-7950
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11505
severity:	HIGH
baseScore:	8.3
vectorString:	AV:N/AC:L/AU:M/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	MULTIPLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-137982
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-7950
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-11505 // VULHUB: VHN-137982 // JVNDB: JVNDB-2018-005553 // CNNVD: CNNVD-201806-139 // NVD: CVE-2018-7950

PROBLEMTYPE DATA

problemtype:	CWE-94	Trust: 1.1
problemtype:	CWE-74	Trust: 0.9

sources: VULHUB: VHN-137982 // JVNDB: JVNDB-2018-005553 // NVD: CVE-2018-7950

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-139

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-201806-139

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-005553

PATCH

title:	huawei-sa-20180530-02-server	url:	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-02-server-en	Trust: 0.8
title:	Patches for various Huawei products IntelligentBaseboardManagementController Privilege Escalation Vulnerability (CNVD-2018-11505)	url:	https://www.cnvd.org.cn/patchInfo/show/132013	Trust: 0.6
title:	Multiple Huawei product Intelligent Baseboard Management Controller Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80496	Trust: 0.6

sources: CNVD: CNVD-2018-11505 // JVNDB: JVNDB-2018-005553 // CNNVD: CNNVD-201806-139

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7950	Trust: 3.1
db:	JVNDB	id:	JVNDB-2018-005553	Trust: 0.8
db:	CNNVD	id:	CNNVD-201806-139	Trust: 0.7
db:	CNVD	id:	CNVD-2018-11505	Trust: 0.6
db:	VULHUB	id:	VHN-137982	Trust: 0.1

sources: CNVD: CNVD-2018-11505 // VULHUB: VHN-137982 // JVNDB: JVNDB-2018-005553 // CNNVD: CNNVD-201806-139 // NVD: CVE-2018-7950

REFERENCES

url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-02-server-en	Trust: 2.3
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7950	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7950	Trust: 0.8

sources: CNVD: CNVD-2018-11505 // VULHUB: VHN-137982 // JVNDB: JVNDB-2018-005553 // CNNVD: CNNVD-201806-139 // NVD: CVE-2018-7950

SOURCES

db:	CNVD	id:	CNVD-2018-11505
db:	VULHUB	id:	VHN-137982
db:	JVNDB	id:	JVNDB-2018-005553
db:	CNNVD	id:	CNNVD-201806-139
db:	NVD	id:	CVE-2018-7950

LAST UPDATE DATE

2024-11-23T21:53:00.466000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11505	date:	2018-06-14T00:00:00
db:	VULHUB	id:	VHN-137982	date:	2020-08-24T00:00:00
db:	JVNDB	id:	JVNDB-2018-005553	date:	2018-07-20T00:00:00
db:	CNNVD	id:	CNNVD-201806-139	date:	2020-10-22T00:00:00
db:	NVD	id:	CVE-2018-7950	date:	2024-11-21T04:13:00.710

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-11505	date:	2018-06-14T00:00:00
db:	VULHUB	id:	VHN-137982	date:	2018-06-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-005553	date:	2018-07-20T00:00:00
db:	CNNVD	id:	CNNVD-201806-139	date:	2018-06-04T00:00:00
db:	NVD	id:	CVE-2018-7950	date:	2018-06-01T14:29:00.830