CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2016-6900
https://notcve.org/view.php?id=CVE-2016-6900
The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers with software before V100R003C00SPC515; RH5885 V3 servers with software before V100R003C10SPC102; and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 allows local users to cause a denial of service (iBMC resource consumption) via unspecified vectors. Intelligent Baseboard Management Controller (iBMC) en servidores Huawei RH1288 V3 con software anterior a V100R003C00SPC613; servidores RH2288 V3 con software anterior a V100R003C00SPC617; servidores RH2288H V3 con software anterior a V100R003C00SPC515; servidores RH5885 V3 con software anterior a V100R003C10SPC102 XH620 V3, XH622 V3 y servidores XH628 V3 con software anterior a V100R003C00SPC610 permite a usuarios locales provocar una denegación de servicio (recurso de consumo iBMC) a través de vectores no especificados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-server-en • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2016-6899
https://notcve.org/view.php?id=CVE-2016-6899
The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 servers with software before V100R003C10SPC102, and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSL encryption algorithm. Intelligent Baseboard Management Controller (iBMC) en servidores Huawei RH1288 V3 con software anterior a V100R003C00SPC613, servidores RH2288 V3 con software anterior a V100R003C00SPC617, servidores RH2288H V3 con software anterior a V100R003C00SPC515, servidores RH5885 V3 con software anterior a V100R003C10SPC102 y XH620 V3, XH622 V3 y servidores XH628 V3 con software anterior a V100R003C00SPC610 podría permitir a atacantes remotos descepcriptar datos encriptados y consecuentemente obtener información sensible, mediante el aprovechamiento de la selección de un cifrado de algoritmo inseguro SSL. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-02-server-en http://www.securityfocus.com/bid/92623 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues •