Vulnerability Description
Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, and RH2288H V3 servers with software before V100R003C00SPC515 allow remote attackers to obtain passwords via a brute-force attack, related to "lack of authentication protection mechanisms."
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Rh1288 V3 Server Firmware | v100r003c00 |
| Huawei | Rh2288 V3 Server Firmware | v100r003c00 |
| Huawei | Rh2288H V3 Server Firmware | v100r003c00 |
| Huawei | Xh620 V3 Server Firmware | v100r003c00 |
| Huawei | Xh622 V3 Server Firmware | v100r003c00 |
| Huawei | Xh628 V3 Server Firmware | v100r003c00 |
| Huawei | Rh1288 V3 Server | - |
| Huawei | Rh2288 V3 Server | - |
| Huawei | Rh2288H V3 Server | - |
| Huawei | Xh620 V3 Server | - |
| Huawei | Xh622 V3 Server | - |
| Huawei | Xh628 V3 Server | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-server-Vendor Advisory
- http://www.securityfocus.com/bid/92504Third Party AdvisoryVDB Entry
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-server-Vendor Advisory
- http://www.securityfocus.com/bid/92504Third Party AdvisoryVDB Entry
FAQ
What is CVE-2016-6825?
CVE-2016-6825 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC6...
How severe is CVE-2016-6825?
CVE-2016-6825 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-6825?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Rh1288 V3 Server Firmware, Huawei Rh2288 V3 Server Firmware, Huawei Rh2288H V3 Server Firmware, Huawei Xh620 V3 Server Firmware, Huawei Xh622 V3 Server Firmware.