Details of VAR-202102-1561

ID

VAR-202102-1561

TITLE

Huawei Technologies Co., Ltd. Huawei TaiShan 2280 server intelligent management system IBMC has weak password vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-04127

DESCRIPTION

The Huawei TaiShan 2280 server intelligent management system IBMC (Huawei Intelligent Baseboard Management Controller, hereinafter referred to as iBMC) is an embedded server management system for the full life cycle of the server. Huawei Technologies Co., Ltd. Huawei TaiShan 2280 server intelligent management system IBMC has a weak password vulnerability. Attackers can use the vulnerability to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-04127

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-04127

AFFECTED PRODUCTS

vendor:

huawei

model:

taishan server intelligent management system ibmc taishan

scope:

version:

2280100

Trust: 0.6

sources: CNVD: CNVD-2021-04127

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-04127
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-04127
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-04127

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-04127

Trust: 0.6

sources: CNVD: CNVD-2021-04127

SOURCES

db:

CNVD

id:

CNVD-2021-04127

LAST UPDATE DATE

2022-05-04T09:02:16.575000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-04127

date:

2021-01-19T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-04127

date:

2021-02-23T00:00:00