Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability. The software incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by admin user. Successful exploit could cause information disclosure.
[
{
"product": "iBMC",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R002C10"
},
{
"status": "affected",
"version": "V200R002C20"
},
{
"status": "affected",
"version": "V200R002C30"
}
]
}
]