Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Huawei Data Communication: Side-Channel Vulnerability Variants 3a and 4 (huawei-sa-20180615-01-cpu)

Information

Severity

Severity

Medium

Family

Family

Huawei

CVSSv2 Base

CVSSv2 Base

4.7

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:M/Au:N/C:C/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

3 years ago

Modified

Modified

3 years ago

Summary

Intel publicly disclosed new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as 'Spectre' and 'Meltdown'.

Insight

Insight

Intel publicly disclosed new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as 'Spectre' and 'Meltdown'.

Affected Software

Affected Software

Huawei 1288H V5, 2288H V5, 2488 V5, 2488H V5, 5288 V3, RH1288 V3, RH2288 V3, RH2288H V3, XH310 V3, XH321 V3, XH620 V3, XH622 V3, XH628 V3, 5288 V5, AR3600, BH622 V2, BH640 V2, CH121 V3, CH220 V3, CH222 V3, CH121 V5, CH121L V5, CH121H V3, CH121L V3, CH140L V3, CH225 V3, CH140 V3, CH226 V3, CH242 V3, CH242 V3 DDR4, CH242 V5, FusionCompute, Honor MagicBook (VLT-W50/ VLT-W60), HUAWEI MateBook (HZ-W09/ HZ-W19/ HZ-W29), HUAWEI MateBook B200/ MateBook D (PL-W09/ PL-W19/ PL-W29), HUAWEI MateBook D (MRC-W10/ MRC-W50/ MRC-W60), HUAWEI MateBook X Pro (MACH-W19/ MACH-W29), ManageOne, RH1288 V2, RH1288A V2, RH2265 V2, RH2285 V2, RH2285H V2, RH2288 V2, RH2268 V2, RH2288A V2, RH2288E V2, RH2288H V2, RH2485 V2, RH5885 V2 4S, RH5885 V2 8S, RH5885 V3 (E7V2), RH5885 V3 (E7V3&E7V4), RH5885H V3 (E7V2), RH5885H V3 (E7V3), RH5885H V3 (E7V4), RH8100 V3 (E7V2&E7V3), RH8100 V3 (E7V4), SMC2.0 and XH321 V5.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

See the referenced vendor advisory for a solution.

Common Vulnerabilities and Exposures (CVE)