What is the severity of CVE-2016-6899?

CVE-2016-6899 is classified as a medium severity vulnerability that impacts Huawei server firmware.

How do I fix CVE-2016-6899?

To fix CVE-2016-6899, upgrade your server firmware to the specified patched versions such as V100R003C00SPC613 for RH1288 V3 servers.

What products are affected by CVE-2016-6899?

CVE-2016-6899 affects Huawei RH1288 V3, RH2288 V3, RH2288H V3, and RH5885 V3 servers running specific firmware versions.

What vulnerability impacts Huawei server firmware in CVE-2016-6899?

CVE-2016-6899 pertains to a flaw in the Intelligent Baseboard Management Controller (iBMC) of Huawei servers.

Is the risk associated with CVE-2016-6899 exploitable externally?

Yes, the vulnerability may be exploitable by remote attackers aiming to gain unauthorized access or control of the affected servers.

Vulnerability/
CVE-2016-6899

high

7.5

CWE

200 310

7/9/2016

6/8/2024

CVE-2016-6899: Infoleak

First published: Wed Sep 07 2016(Updated: )

The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 servers with software before V100R003C10SPC102, and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSL encryption algorithm.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Huawei Tecal Rh5885 V3 Firmware	=v100r003c01
Huawei Tecal Rh5885 V3 Firmware
Huawei RH1288 V3 Firmware	=v100r003c00
Huawei Rh2288h V3 Server Firmware	=v100r003c00
Huawei RH2288H V3 Firmware	=v100r003c00
Huawei XH620 V3	=v100r003c00
Huawei XH622 V3 Server Firmware	=v100r003c00
Huawei Xh628 V3	=v100r003c00
Huawei RH1288 V3
Huawei RH2288H V3 Server
Huawei Rh2288h V3 Server Firmware
Huawei XH620 V3
Huawei XH622 V3 Server Firmware
Huawei XH628 V3 Server Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-6899?
CVE-2016-6899 is classified as a medium severity vulnerability that impacts Huawei server firmware.
How do I fix CVE-2016-6899?
To fix CVE-2016-6899, upgrade your server firmware to the specified patched versions such as V100R003C00SPC613 for RH1288 V3 servers.
What products are affected by CVE-2016-6899?
CVE-2016-6899 affects Huawei RH1288 V3, RH2288 V3, RH2288H V3, and RH5885 V3 servers running specific firmware versions.
What vulnerability impacts Huawei server firmware in CVE-2016-6899?
CVE-2016-6899 pertains to a flaw in the Intelligent Baseboard Management Controller (iBMC) of Huawei servers.
Is the risk associated with CVE-2016-6899 exploitable externally?
Yes, the vulnerability may be exploitable by remote attackers aiming to gain unauthorized access or control of the affected servers.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/last-modified-date
agent/author
agent/first-publish-date
agent/description
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/huawei
canonical/huawei tecal rh5885 v3 firmware
version/huawei tecal rh5885 v3 firmware/v100r003c01
canonical/huawei rh1288 v3 firmware
version/huawei rh1288 v3 firmware/v100r003c00
canonical/huawei rh2288h v3 server firmware
version/huawei rh2288h v3 server firmware/v100r003c00
canonical/huawei rh2288h v3 firmware
version/huawei rh2288h v3 firmware/v100r003c00
canonical/huawei xh620 v3
version/huawei xh620 v3/v100r003c00
canonical/huawei xh622 v3 server firmware
version/huawei xh622 v3 server firmware/v100r003c00
canonical/huawei xh628 v3
version/huawei xh628 v3/v100r003c00
canonical/huawei rh1288 v3
canonical/huawei rh2288h v3 server
canonical/huawei xh628 v3 server firmware