CVE-2016-6838

Name of the Vulnerable Software and Affected Versions Huawei X6800 and XH620 V3 servers versions prior to V100R003C00SPC606 Huawei RH1288 V3 servers versions prior to V100R003C00SPC613 Huawei RH2288 V3 servers versions prior to V100R003C00SPC617 Huawei CH140 V3 and CH226 V3 servers versions prior to V100R001C00SPC122 Huawei CH220 V3 servers versions prior to V100R001C00SPC201 Huawei CH121 V3 and CH222 V3 servers versions prior to V100R001C00SPC202

Description The issue allows remote attackers to decrypt encrypted data, potentially obtaining sensitive information, by leveraging the selection of an insecure SSH encryption algorithm.

Recommendations For Huawei X6800 and XH620 V3 servers versions prior to V100R003C00SPC606, update to V100R003C00SPC606 or later. For Huawei RH1288 V3 servers versions prior to V100R003C00SPC613, update to V100R003C00SPC613 or later. For Huawei RH2288 V3 servers versions prior to V100R003C00SPC617, update to V100R003C00SPC617 or later. For Huawei CH140 V3 and CH226 V3 servers versions prior to V100R001C00SPC122, update to V100R001C00SPC122 or later. For Huawei CH220 V3 servers versions prior to V100R001C00SPC201, update to V100R001C00SPC201 or later. For Huawei CH121 V3 and CH222 V3 servers versions prior to V100R001C00SPC202, update to V100R001C00SPC202 or later.