CVE-2016-6838
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, CH140 V3 and CH226 V3 servers with software before V100R001C00SPC122, CH220 V3 servers with software before V100R001C00SPC201, and CH121 V3 and CH222 V3 servers with software before V100R001C00SPC202 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSH encryption algorithm.
Servidores Huawei X6800 y XH620 V3 con software en versiones anteriores a V100R003C00SPC606, servidores RH1288 V3 con software en versiones anteriores a V100R003C00SPC613, servidores RH2288 V3 con software en versiones anteriores a V100R003C00SPC617, CH140 V3 y servidores CH226 V3 con software en versiones anteriores a V100R001C00SPC122, servidores CH220 V3 con software en versiones anteriores a V100R001C00SPC201 y CH121 V3 y servidores CH222 V3 con software en versiones anteriores a V100R001C00SPC202 podría permitir a atacantes remotos desencripar datos encriptados y, consecuentemente, obtener información sensible mediante el aprovechamiento de la selección de un algoritmo de encriptación SSH inseguro.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-08-18 CVE Reserved
- 2016-09-07 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-310: Cryptographic Issues
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/92503 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-02-server-en | 2016-09-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Rh1288 V3 Server Firmware Search vendor "Huawei" for product "Rh1288 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Rh1288 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh1288 V3 Server Search vendor "Huawei" for product "Rh1288 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh1288 V3 Server Firmware Search vendor "Huawei" for product "Rh1288 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Rh1288 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh2288 V3 Server Search vendor "Huawei" for product "Rh2288 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh1288 V3 Server Firmware Search vendor "Huawei" for product "Rh1288 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Rh1288 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | X6800 V3 Server Search vendor "Huawei" for product "X6800 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh1288 V3 Server Firmware Search vendor "Huawei" for product "Rh1288 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Rh1288 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Xh620 V3 Server Search vendor "Huawei" for product "Xh620 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh2288 V3 Server Firmware Search vendor "Huawei" for product "Rh2288 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Rh2288 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh1288 V3 Server Search vendor "Huawei" for product "Rh1288 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh2288 V3 Server Firmware Search vendor "Huawei" for product "Rh2288 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Rh2288 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh2288 V3 Server Search vendor "Huawei" for product "Rh2288 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh2288 V3 Server Firmware Search vendor "Huawei" for product "Rh2288 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Rh2288 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | X6800 V3 Server Search vendor "Huawei" for product "X6800 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Rh2288 V3 Server Firmware Search vendor "Huawei" for product "Rh2288 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Rh2288 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Xh620 V3 Server Search vendor "Huawei" for product "Xh620 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | X6800 V3 Server Firmware Search vendor "Huawei" for product "X6800 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "X6800 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh1288 V3 Server Search vendor "Huawei" for product "Rh1288 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | X6800 V3 Server Firmware Search vendor "Huawei" for product "X6800 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "X6800 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh2288 V3 Server Search vendor "Huawei" for product "Rh2288 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | X6800 V3 Server Firmware Search vendor "Huawei" for product "X6800 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "X6800 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | X6800 V3 Server Search vendor "Huawei" for product "X6800 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | X6800 V3 Server Firmware Search vendor "Huawei" for product "X6800 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "X6800 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Xh620 V3 Server Search vendor "Huawei" for product "Xh620 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Xh620 V3 Server Firmware Search vendor "Huawei" for product "Xh620 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Xh620 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh1288 V3 Server Search vendor "Huawei" for product "Rh1288 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Xh620 V3 Server Firmware Search vendor "Huawei" for product "Xh620 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Xh620 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Rh2288 V3 Server Search vendor "Huawei" for product "Rh2288 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Xh620 V3 Server Firmware Search vendor "Huawei" for product "Xh620 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Xh620 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | X6800 V3 Server Search vendor "Huawei" for product "X6800 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Xh620 V3 Server Firmware Search vendor "Huawei" for product "Xh620 V3 Server Firmware" | v100r003c00 Search vendor "Huawei" for product "Xh620 V3 Server Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Xh620 V3 Server Search vendor "Huawei" for product "Xh620 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121 V3 Server Firmware Search vendor "Huawei" for product "Ch121 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch121 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121 V3 Server Search vendor "Huawei" for product "Ch121 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121 V3 Server Firmware Search vendor "Huawei" for product "Ch121 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch121 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch140 V3 Server Search vendor "Huawei" for product "Ch140 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121 V3 Server Firmware Search vendor "Huawei" for product "Ch121 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch121 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch220 V3 Server Search vendor "Huawei" for product "Ch220 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121 V3 Server Firmware Search vendor "Huawei" for product "Ch121 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch121 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch222 V3 Server Search vendor "Huawei" for product "Ch222 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch121 V3 Server Firmware Search vendor "Huawei" for product "Ch121 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch121 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch226 V3 Server Search vendor "Huawei" for product "Ch226 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch140 V3 Server Firmware Search vendor "Huawei" for product "Ch140 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch140 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121 V3 Server Search vendor "Huawei" for product "Ch121 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch140 V3 Server Firmware Search vendor "Huawei" for product "Ch140 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch140 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch140 V3 Server Search vendor "Huawei" for product "Ch140 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch140 V3 Server Firmware Search vendor "Huawei" for product "Ch140 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch140 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch220 V3 Server Search vendor "Huawei" for product "Ch220 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch140 V3 Server Firmware Search vendor "Huawei" for product "Ch140 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch140 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch222 V3 Server Search vendor "Huawei" for product "Ch222 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch140 V3 Server Firmware Search vendor "Huawei" for product "Ch140 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch140 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch226 V3 Server Search vendor "Huawei" for product "Ch226 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch220 V3 Server Firmware Search vendor "Huawei" for product "Ch220 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch220 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121 V3 Server Search vendor "Huawei" for product "Ch121 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch220 V3 Server Firmware Search vendor "Huawei" for product "Ch220 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch220 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch140 V3 Server Search vendor "Huawei" for product "Ch140 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch220 V3 Server Firmware Search vendor "Huawei" for product "Ch220 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch220 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch220 V3 Server Search vendor "Huawei" for product "Ch220 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch220 V3 Server Firmware Search vendor "Huawei" for product "Ch220 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch220 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch222 V3 Server Search vendor "Huawei" for product "Ch222 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch220 V3 Server Firmware Search vendor "Huawei" for product "Ch220 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch220 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch226 V3 Server Search vendor "Huawei" for product "Ch226 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch222 V3 Server Firmware Search vendor "Huawei" for product "Ch222 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch222 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121 V3 Server Search vendor "Huawei" for product "Ch121 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch222 V3 Server Firmware Search vendor "Huawei" for product "Ch222 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch222 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch140 V3 Server Search vendor "Huawei" for product "Ch140 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch222 V3 Server Firmware Search vendor "Huawei" for product "Ch222 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch222 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch220 V3 Server Search vendor "Huawei" for product "Ch220 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch222 V3 Server Firmware Search vendor "Huawei" for product "Ch222 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch222 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch222 V3 Server Search vendor "Huawei" for product "Ch222 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch222 V3 Server Firmware Search vendor "Huawei" for product "Ch222 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch222 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch226 V3 Server Search vendor "Huawei" for product "Ch226 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch226 V3 Server Firmware Search vendor "Huawei" for product "Ch226 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch226 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch121 V3 Server Search vendor "Huawei" for product "Ch121 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch226 V3 Server Firmware Search vendor "Huawei" for product "Ch226 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch226 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch140 V3 Server Search vendor "Huawei" for product "Ch140 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch226 V3 Server Firmware Search vendor "Huawei" for product "Ch226 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch226 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch220 V3 Server Search vendor "Huawei" for product "Ch220 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch226 V3 Server Firmware Search vendor "Huawei" for product "Ch226 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch226 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch222 V3 Server Search vendor "Huawei" for product "Ch222 V3 Server" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ch226 V3 Server Firmware Search vendor "Huawei" for product "Ch226 V3 Server Firmware" | v100r001c00 Search vendor "Huawei" for product "Ch226 V3 Server Firmware" and version "v100r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ch226 V3 Server Search vendor "Huawei" for product "Ch226 V3 Server" | - | - |
Safe
|