PT-2016-7157 · Huawei · Huawei Ibmc

Publicado

2016-09-07

Atualizado

2016-09-08

CVE-2016-6899

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Huawei iBMC versions prior to V100R003C00SPC613 Huawei iBMC versions prior to V100R003C00SPC617 Huawei iBMC versions prior to V100R003C00SPC515 Huawei iBMC versions prior to V100R003C10SPC102 Huawei iBMC versions prior to V100R003C00SPC610

Description The issue allows remote attackers to decrypt encrypted data, potentially obtaining sensitive information, by leveraging the selection of an insecure SSL encryption algorithm.

Recommendations For versions prior to V100R003C00SPC613, update to V100R003C00SPC613 or later. For versions prior to V100R003C00SPC617, update to V100R003C00SPC617 or later. For versions prior to V100R003C00SPC515, update to V100R003C00SPC515 or later. For versions prior to V100R003C10SPC102, update to V100R003C10SPC102 or later. For versions prior to V100R003C00SPC610, update to V100R003C00SPC610 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-310CWE-200

Identificadores relacionados

CVE-2016-6899

Produtos afetados

Huawei Ibmc

PT-2016-7157 · Huawei · Huawei Ibmc

CVE-2016-6899

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4