Huawei Server iBMC JSON Injection Vulnerability

Huawei Server iBMC JSON Injection Vulnerability

CVE-2018-7951 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system.

Learn more about our Cis Benchmark Audit For Ibm I.