1. Home
  2. CVE Database
  3. CVE-2016-6900
MEDIUM · 5.5

CVE-2016-6900

The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers ...

Vulnerability Description

The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers with software before V100R003C00SPC515; RH5885 V3 servers with software before V100R003C10SPC102; and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 allows local users to cause a denial of service (iBMC resource consumption) via unspecified vectors.

CVSS Score

5.5

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
HuaweiRh1288 V3 Server Firmwarev100r003c00
HuaweiRh2288 V3 Server Firmwarev100r003c00
HuaweiRh2288H V3 Server Firmwarev100r003c00
HuaweiXh620 V3 Server Firmwarev100r003c00
HuaweiXh622 V3 Server Firmwarev100r003c00
HuaweiXh628 V3 Server Firmwarev100r003c00
HuaweiRh1288 V3 Server-
HuaweiRh2288 V3 Server-
HuaweiRh2288H V3 Server-
HuaweiXh620 V3 Server-
HuaweiXh622 V3 Server-
HuaweiXh628 V3 Server-
HuaweiRh5885 V3 Server Firmwarev100r003c01
HuaweiRh5885 V3 Server-

Related Weaknesses (CWE)

CWE-399

References

FAQ

What is CVE-2016-6900?

CVE-2016-6900 is a vulnerability with a CVSS score of 5.5 (MEDIUM). The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers ...

How severe is CVE-2016-6900?

CVE-2016-6900 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-6900?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Rh1288 V3 Server Firmware, Huawei Rh2288 V3 Server Firmware, Huawei Rh2288H V3 Server Firmware, Huawei Xh620 V3 Server Firmware, Huawei Xh622 V3 Server Firmware.