CVE-2018-7949

Name of the Vulnerable Software and Affected Versions: Huawei iBMC (affected versions not specified)

Description: The issue is related to a privilege escalation vulnerability in the Intelligent Baseboard Management Controller (iBMC) of some Huawei servers. A remote attacker can send specially crafted login messages to exploit the vulnerability, which is caused by improper authentication design. Successful exploitation allows low-privileged users to obtain or modify passwords of highly privileged users.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.