CVE-2016-6838

Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, CH140 V3 and CH226 V3 servers with software before V100R001C00SPC122, CH220 V3 servers with software before V100R001C00SPC201, and CH121 V3 and CH222 V3 servers with software before V100R001C00SPC202 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSH encryption algorithm.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:huawei:rh1288_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:rh2288_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:x6800_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:xh620_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*
OR cpe:2.3:h:huawei:rh1288_v3_server:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:rh2288_v3_server:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:x6800_v3_server:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:xh620_v3_server:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:huawei:ch121_v3_server_firmware:v100r001c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ch140_v3_server_firmware:v100r001c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ch220_v3_server_firmware:v100r001c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ch222_v3_server_firmware:v100r001c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ch226_v3_server_firmware:v100r001c00:*:*:*:*:*:*:*
OR cpe:2.3:h:huawei:ch121_v3_server:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ch140_v3_server:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ch220_v3_server:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ch222_v3_server:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ch226_v3_server:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:56

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-02-server-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-02-server-en - Vendor Advisory
References () http://www.securityfocus.com/bid/92503 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/92503 - Third Party Advisory, VDB Entry

Information

Published : 2016-09-07 19:28

Updated : 2024-11-21 02:56


NVD link : CVE-2016-6838

Mitre link : CVE-2016-6838

CVE.ORG link : CVE-2016-6838


JSON object : View

Products Affected

huawei

  • x6800_v3_server
  • rh1288_v3_server
  • rh1288_v3_server_firmware
  • rh2288_v3_server_firmware
  • ch226_v3_server_firmware
  • ch140_v3_server_firmware
  • ch121_v3_server_firmware
  • xh620_v3_server
  • ch222_v3_server_firmware
  • ch222_v3_server
  • ch140_v3_server
  • ch226_v3_server
  • ch220_v3_server
  • xh620_v3_server_firmware
  • rh2288_v3_server
  • ch220_v3_server_firmware
  • x6800_v3_server_firmware
  • ch121_v3_server
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-310

Cryptographic Issues