Vulnerabilities (CVE)

Filtered by vendor Huawei Subscribe
Filtered by product 1288h V5 Firmware
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-7949 1 Huawei 40 1288h V5, 1288h V5 Firmware, 2288h V5 and 37 more 2024-02-28 4.0 MEDIUM 8.8 HIGH
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables low privileged users to get or modify passwords of highly privileged users.
CVE-2018-7902 1 Huawei 4 1288h V5, 1288h V5 Firmware, 2288h V5 and 1 more 2024-02-28 4.0 MEDIUM 8.8 HIGH
Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.
CVE-2018-7950 1 Huawei 40 1288h V5, 1288h V5 Firmware, 2288h V5 and 37 more 2024-02-28 9.0 HIGH 8.8 HIGH
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system.
CVE-2018-7943 1 Huawei 40 1288h V5, 1288h V5 Firmware, 2288h V5 and 37 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege.
CVE-2018-7903 1 Huawei 4 1288h V5, 1288h V5 Firmware, 2288h V5 and 1 more 2024-02-28 4.0 MEDIUM 8.8 HIGH
Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.
CVE-2018-7904 1 Huawei 4 1288h V5, 1288h V5 Firmware, 2288h V5 and 1 more 2024-02-28 4.0 MEDIUM 8.8 HIGH
Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.
CVE-2018-7941 1 Huawei 40 1288h V5, 1288h V5 Firmware, 2288h V5 and 37 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.
CVE-2018-7951 1 Huawei 40 1288h V5, 1288h V5 Firmware, 2288h V5 and 37 more 2024-02-28 9.0 HIGH 8.8 HIGH
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system.
CVE-2018-7942 1 Huawei 14 1288h V5, 1288h V5 Firmware, 2288h V5 and 11 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some information leak.