Описание
Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability. The software incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by admin user. Successful exploit could cause information disclosure.
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:huawei:ibmc_firmware:v200r002c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ibmc_firmware:v200r002c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ibmc_firmware:v200r002c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ibmc:-:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00069
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability. The software incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by admin user. Successful exploit could cause information disclosure.
EPSS
Процентиль: 21%
0.00069
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-863