PT-2018-6423 · Huawei · Tp3206+2
Published
2018-03-09
·
Updated
2018-03-29
·
CVE-2017-17167
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Huawei DP300 version V500R002C00
TP3206 version V100R002C00
ViewPoint 9030 versions V100R011C02 through V100R011C03
Description:
The software utilizes a broken or risky cryptographic algorithm, specifically in SSL, which poses a significant risk. A remote unauthenticated attacker could exploit this weakness using well-known techniques to break the algorithm, potentially leading to the exposure of sensitive information.
Recommendations:
For Huawei DP300 version V500R002C00, update the cryptographic algorithm used in SSL to a secure alternative.
For TP3206 version V100R002C00, replace the risky cryptographic algorithm with a more secure one.
For ViewPoint 9030 versions V100R011C02 through V100R011C03, consider disabling the use of the vulnerable cryptographic algorithm in SSL until a secure update is available.
Fix
Use of a Broken Cryptographic Algorithm
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Dp300
Tp3206
Viewpoint 9030