CVE-2016-6838

CWE-200 — Information Exposure CWE-3103 documents3 sources

Severity

7.5HIGH

EPSS

0.1%

top 78.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Ch121 V3 Server Firmware Huawei Ch140 V3 Server Firmware Huawei Ch220 V3 Server Firmware +6 more

Timeline

PublishedSep 7

Latest updateMay 17

Description

Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, CH140 V3 and CH226 V3 servers with software before V100R001C00SPC122, CH220 V3 servers with software before V100R001C00SPC201, and CH121 V3 and CH222 V3 servers with software before V100R001C00SPC202 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by levera…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages9 packages

▶NVDhuawei/ch121_v3v100r001c00

▶NVDhuawei/ch140_v3v100r001c00

▶NVDhuawei/ch220_v3v100r001c00

▶NVDhuawei/ch222_v3v100r001c00

▶NVDhuawei/ch226_v3v100r001c00

🔴Vulnerability Details

GHSA

GHSA-389p-6whp-pg38: Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers↗2022-05-17

▶

CVEList

CVE-2016-6838: Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers↗2016-09-07

▶