CVE-2016-6838
Description
Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, CH140 V3 and CH226 V3 servers with software before V100R001C00SPC122, CH220 V3 servers with software before V100R001C00SPC201, and CH121 V3 and CH222 V3 servers with software before V100R001C00SPC202 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSH encryption algorithm.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.07
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2016-6825 ,CVE-2016-6838 ,CVE-2016-6900 are affected in rh1288_v3_server_firmware v100r003c00 | NCM |
| Vulnerabilities CVE-2016-6825 ,CVE-2016-6838 ,CVE-2016-6900 are affected in rh2288_v3_server_firmware v100r003c00 | NCM |
| Vulnerabilities CVE-2016-6825 ,CVE-2016-6838 ,CVE-2016-6900 are affected in xh620_v3_server_firmware v100r003c00 | NCM |
| Vulnerabilities CVE-2016-6838 are affected in x6800_v3_server_firmware v100r003c00 | NCM |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6838) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234