CVE-2018-7949

EUVD-2018-19661
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables low privileged users to get or modify passwords of highly privileged users.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Common Weakness Enumeration
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-03-server-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-03-server-en