Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Huawei iBMC 安全漏洞
Vulnerability Description
Huawei iBMC是中国华为(Huawei)公司开发的一套服务器嵌入式智能管理系统。该系统具有远程运维、故障诊断、智能化管理和标准化接口管理等功能。 Huawei iBMC V200R002C60版本中存在身份验证绕过漏洞,该漏洞源于程序没有正确的校验上传权限。攻击者可通过构造特制的消息向受影响的产品上传认证凭证利用该漏洞提升权限。
CVSS Information
N/A
Vulnerability Type
N/A