PT-2016-7123 · Huawei · Rh2288 V3+4
Publicado
2016-09-07
·
Atualizado
2016-09-08
·
CVE-2016-6825
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Huawei XH620 V3 versions prior to V100R003C00SPC610
Huawei XH622 V3 versions prior to V100R003C00SPC610
Huawei XH628 V3 versions prior to V100R003C00SPC610
Huawei RH1288 V3 versions prior to V100R003C00SPC613
Huawei RH2288 V3 versions prior to V100R003C00SPC617
Huawei RH2288H V3 versions prior to V100R003C00SPC515
Description
The issue allows remote attackers to obtain passwords via a brute-force attack due to a lack of authentication protection mechanisms.
Recommendations
For Huawei XH620 V3 versions prior to V100R003C00SPC610, update to V100R003C00SPC610 or later.
For Huawei XH622 V3 versions prior to V100R003C00SPC610, update to V100R003C00SPC610 or later.
For Huawei XH628 V3 versions prior to V100R003C00SPC610, update to V100R003C00SPC610 or later.
For Huawei RH1288 V3 versions prior to V100R003C00SPC613, update to V100R003C00SPC613 or later.
For Huawei RH2288 V3 versions prior to V100R003C00SPC617, update to V100R003C00SPC617 or later.
For Huawei RH2288H V3 versions prior to V100R003C00SPC515, update to V100R003C00SPC515 or later.
Correção
Improper Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Rh1288 V3
Rh2288 V3
Xh620 V3
Xh622 V3
Xh628 V3