{"containers": {"cna": {"affected": [{"product": "1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "1288H V5 V100R005C00"}, {"status": "affected", "version": "2288H V5 V100R005C00"}, {"status": "affected", "version": "2488 V5 V100R005C00"}, {"status": "affected", "version": "CH121 V3 V100R001C00"}, {"status": "affected", "version": "CH121L V3 V100R001C00"}, {"status": "affected", "version": "CH121L V5 V100R001C00"}, {"status": "affected", "version": "CH121 V5 V100R001C00"}, {"status": "affected", "version": "CH140 V3 V100R001C00"}, {"status": "affected", "version": "CH140L V3 V100R001C00"}, {"status": "affected", "version": "CH220 V3 V100R001C00"}, {"status": "affected", "version": "CH222 V3 V100R001C00"}, {"status": "affected", "version": "CH242 V3 V100R001C00"}, {"status": "affected", "version": "CH242 V5 V100R001C00"}, {"status": "affected", "version": "RH1288 V3 V100R003C00"}, {"status": "affected", "version": "RH2288 V3 V100R003C00"}, {"status": "affected", "version": "RH2288H V3 V100R003C00"}, {"status": "affected", "version": "XH310 V3 V100R003C00"}, {"status": "affected", "version": "XH321 V3 V100R003C00"}, {"status": "affected", "version": "XH321 V5 V100R005C00"}, {"status": "affected", "version": "XH620 V3 V100R003C00"}]}], "datePublic": "2018-05-30T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege."}], "problemTypes": [{"descriptions": [{"description": "authentication bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-05T14:57:01.000Z", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-server-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "DATE_PUBLIC": "2018-05-30T00:00:00", "ID": "CVE-2018-7943", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3", "version": {"version_data": [{"version_value": "1288H V5 V100R005C00"}, {"version_value": "2288H V5 V100R005C00"}, {"version_value": "2488 V5 V100R005C00"}, {"version_value": "CH121 V3 V100R001C00"}, {"version_value": "CH121L V3 V100R001C00"}, {"version_value": "CH121L V5 V100R001C00"}, {"version_value": "CH121 V5 V100R001C00"}, {"version_value": "CH140 V3 V100R001C00"}, {"version_value": "CH140L V3 V100R001C00"}, {"version_value": "CH220 V3 V100R001C00"}, {"version_value": "CH222 V3 V100R001C00"}, {"version_value": "CH242 V3 V100R001C00"}, {"version_value": "CH242 V5 V100R001C00"}, {"version_value": "RH1288 V3 V100R003C00"}, {"version_value": "RH2288 V3 V100R003C00"}, {"version_value": "RH2288H V3 V100R003C00"}, {"version_value": "XH310 V3 V100R003C00"}, {"version_value": "XH321 V3 V100R003C00"}, {"version_value": "XH321 V5 V100R005C00"}, {"version_value": "XH620 V3 V100R003C00"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "authentication bypass"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-server-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-server-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:37:59.625Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-server-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2018-7943", "datePublished": "2018-06-05T15:00:00.000Z", "dateReserved": "2018-03-09T00:00:00.000Z", "dateUpdated": "2024-09-17T02:05:37.375Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:1288h_v5_firmware:v100r005c00:*:*:*:*:*:*:*", "matchCriteriaId": "40D2568F-0B77-40A2-AA93-278BE46231C2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:1288h_v5:-:*:*:*:*:*:*:*", "matchCriteriaId": "A97FE467-E5EB-45B4-B7EA-2E8232307CEE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:2288h_v5_firmware:v100r005c00:*:*:*:*:*:*:*", "matchCriteriaId": "0152651D-882D-4ED9-9FC7-F820A597FA6E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:2288h_v5:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E01F546-8E5E-4A5A-B921-DF985FF1D7ED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:2488_v5_firmware:v100r005c00:*:*:*:*:*:*:*", "matchCriteriaId": "5CCEA7BB-CD55-4F09-B43D-41BFB4ADFBFD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:2488_v5:-:*:*:*:*:*:*:*", "matchCriteriaId": "C8494E22-C84A-4201-96A3-02D8CBAC7C02", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch121_v3_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "8C124EED-41A3-447B-909D-A77CBF12C7CE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch121_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FF9E151-2924-47F8-A20B-E413C548F9AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch121l_v3_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "1DDDBEA9-7D8B-4297-AC36-4A9A60EFA84C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch121l_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "58588D8E-57C2-466C-96DD-B7F679AC7EA7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch121l_v5_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "9AC39EC1-2BA7-4D4A-8BB7-F3B98B13711C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch121l_v5:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F9F3B0F-41E5-4846-B572-5EDB4BAE50F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch121_v5_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "CE562D3B-611B-4BB5-B9C3-F719BB38D47B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch121_v5:-:*:*:*:*:*:*:*", "matchCriteriaId": "48D2E997-5EC8-46F3-9AC9-B06A01FBBF92", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch140_v3_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "E8D036DA-9AD2-453A-BD64-64C9A8B702CB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch140_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0C4EBB9-35CB-4EA3-80AA-005785806CB8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch140l_v3_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "5A7A9E3C-E2AE-44BD-84BB-3D61B3043D9E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch140l_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "AEF1B2D3-C978-4014-8FE6-1A39BCBA0F34", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch220_v3_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "36061858-18ED-4F9F-AA66-15ED33EFDA96", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch220_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6D24534-B42F-48F4-8E04-5C6CFD64C4B1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch222_v3_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "FFDF5C51-485F-4634-B985-508ED38F7A9B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch222_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "69FEA658-EC41-4E35-B36D-42C4770E44ED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch242_v3_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "563AC0A9-568C-4010-9142-28C88349B587", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch242_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2637E43-1937-4320-AAF4-3770C332B66E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ch242_v5_firmware:v100r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "5CA4F054-5DD1-41DD-89B0-DD60FEC233D4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ch242_v5:-:*:*:*:*:*:*:*", "matchCriteriaId": "F38C6CB2-4851-43E9-B608-99857AEEE900", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:rh1288_v3_firmware:v100r003c00:*:*:*:*:*:*:*", "matchCriteriaId": "04E82A05-5922-48BF-95B0-EE08A80E0070", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:rh1288_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "C20F56E3-3F39-4038-9918-96F1EAB82A85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:rh2288_v3_firmware:v100r003c00:*:*:*:*:*:*:*", "matchCriteriaId": "5D56D3C5-C96C-4B82-A22A-4F9E35A45786", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:rh2288_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "24C453A0-D125-4152-A8BF-E369F7D48322", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:rh2288h_v3_firmware:v100r003c00:*:*:*:*:*:*:*", "matchCriteriaId": "4DC5328E-0239-4A84-9D38-F9AB8D19ABBA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:rh2288h_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A0B7D22-4BCE-4BF0-9738-8EBEEB9ED643", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:xh310_v3_firmware:v100r003c00:*:*:*:*:*:*:*", "matchCriteriaId": "4AC5E6CD-171C-4991-99BD-109F7817666D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:xh310_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "8823E10A-ADA2-4364-A4F3-A0BCD64DACC3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:xh321_v3_firmware:v100r003c00:*:*:*:*:*:*:*", "matchCriteriaId": "0EFD9834-0C3F-41A1-8155-19426E47E23B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:xh321_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC29DFDD-8B50-48FC-9700-BDF766B6986B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:xh321_v5_firmware:v100r005c00:*:*:*:*:*:*:*", "matchCriteriaId": "B01CB1D4-B34F-4718-A542-7F4244A55A8B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:xh321_v5:-:*:*:*:*:*:*:*", "matchCriteriaId": "62587B2F-1C9F-4BE5-8E4B-8713ACAA0AA1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:xh620_v3_firmware:v100r003c00:*:*:*:*:*:*:*", "matchCriteriaId": "ACC82BB7-D6A2-449A-98D2-7DE8F07A837B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:xh620_v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA54C1AF-8F77-4D40-B938-38887782D3AF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege."}, {"lang": "es", "value": "Hay una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en algunos servidores Huawei. Un atacante remoto con pocos privilegios podr\u00eda omitir la autenticaci\u00f3n por medio de algunas operaciones especiales. Debido a una autenticaci\u00f3n insuficiente, un atacante podr\u00eda explotar la vulnerabilidad para obtener informaci\u00f3n sensible y privilegios de usuarios de alto nivel."}], "id": "CVE-2018-7943", "lastModified": "2024-11-21T04:13:00.077", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-05T15:29:00.457", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-server-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-server-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}