PT-2016-7031 · Huawei · Huawei S12700+4
Frank Gifford +3
Published: 2016-08-10 · Updated: 2016-09-08 · CVE-2016-6670
CVSS v3.1: 5.3 Medium
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500
Description
The issue concerns the generation of self-signed certificates in certain Huawei devices. These devices use random numbers with insufficient entropy, making it easier for remote attackers to discover private keys by leveraging knowledge of a certificate. This could potentially allow an attacker to compromise the certificates, as different devices' certificates may use the same random number.
Recommendations
For Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500, update to V200R008C00SPC500 or later to resolve the issue. As a temporary workaround, consider restricting access to self-signed certificates until a patch is available. Avoid using self-signed certificates in sensitive environments until the issue is resolved.
Fix
Information Disclosure
Weakness Enumeration
Related Identifiers
Affected Products
Huawei S12700
Huawei S7700
Huawei S9300
Huawei S9700
Huawei VRP