CVE-2016-6899

CWE-200Information ExposureCWE-3103 documents3 sources
Severity
7.5HIGH
EPSS
0.1%
top 78.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Huawei Rh1288 V3 Server FirmwareHuawei Rh2288 V3 Server FirmwareHuawei Rh2288h V3 Server Firmware+4 more
Timeline
PublishedSep 7
Latest updateMay 17

Description

The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 servers with software before V100R003C10SPC102, and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging sel

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages7 packages

NVDhuawei/rh2288h_v3v100r003c00
NVDhuawei/xh620_v3v100r003c00
NVDhuawei/xh622_v3v100r003c00
NVDhuawei/xh628_v3v100r003c00
NVDhuawei/rh1288_v3v100r003c00

🔴Vulnerability Details

2
GHSA
GHSA-w74p-5wrq-h9p9: The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with soft2022-05-17
CVEList
CVE-2016-6899: The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with soft2016-09-07