There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | 1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3 | affected |
|
Configuration 1 [-]
| AND |
|
Configuration 2 [-]
| AND |
|
Configuration 3 [-]
| AND |
|
Configuration 4 [-]
| AND |
|
Configuration 5 [-]
| AND |
|
Configuration 6 [-]
| AND |
|
Configuration 7 [-]
| AND |
|
Configuration 8 [-]
| AND |
|
Configuration 9 [-]
| AND |
|
Configuration 10 [-]
| AND |
|
Configuration 11 [-]
| AND |
|
Configuration 12 [-]
| AND |
|
Configuration 13 [-]
| AND |
|
Configuration 14 [-]
| AND |
|
Configuration 15 [-]
| AND |
|
Configuration 16 [-]
| AND |
|
Configuration 17 [-]
| AND |
|
Configuration 18 [-]
| AND |
|
Configuration 19 [-]
| AND |
|
Configuration 20 [-]
| AND |
|
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Huawei
Subscribe
|
1288h V5
Subscribe
1288h V5 Firmware
Subscribe
2288h V5
Subscribe
2288h V5 Firmware
Subscribe
2488 V5
Subscribe
2488 V5 Firmware
Subscribe
Ch121 V3
Subscribe
Ch121 V3 Firmware
Subscribe
Ch121 V5
Subscribe
Ch121 V5 Firmware
Subscribe
Ch121l V3
Subscribe
Ch121l V3 Firmware
Subscribe
Ch121l V5
Subscribe
Ch121l V5 Firmware
Subscribe
Ch140 V3
Subscribe
Ch140 V3 Firmware
Subscribe
Ch140l V3
Subscribe
Ch140l V3 Firmware
Subscribe
Ch220 V3
Subscribe
Ch220 V3 Firmware
Subscribe
Ch222 V3
Subscribe
Ch222 V3 Firmware
Subscribe
Ch242 V3
Subscribe
Ch242 V3 Firmware
Subscribe
Ch242 V5
Subscribe
Ch242 V5 Firmware
Subscribe
Rh1288 V3
Subscribe
Rh1288 V3 Firmware
Subscribe
Rh2288 V3
Subscribe
Rh2288 V3 Firmware
Subscribe
Rh2288h V3
Subscribe
Rh2288h V3 Firmware
Subscribe
Xh310 V3
Subscribe
Xh310 V3 Firmware
Subscribe
Xh321 V3
Subscribe
Xh321 V3 Firmware
Subscribe
Xh321 V5
Subscribe
Xh321 V5 Firmware
Subscribe
Xh620 V3
Subscribe
Xh620 V3 Firmware
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2018-19655 | There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: huawei
Published:
Updated: 2024-09-17T02:05:37.375Z
Reserved: 2018-03-09T00:00:00.000Z
Link: CVE-2018-7943
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-06-05T15:29:00.457
Modified: 2024-11-21T04:13:00.077
Link: CVE-2018-7943
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses