High severity7.5NVD Advisory· Published Sep 7, 2016· Updated May 6, 2026

CVE-2016-6899

Description

The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 servers with software before V100R003C10SPC102, and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSL encryption algorithm.

Affected products

Huawei/Rh1288 V3 Server Firmware
cpe:2.3:o:huawei:rh1288_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*
Huawei/Rh2288h V3 Server Firmware
cpe:2.3:o:huawei:rh2288h_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*
Huawei/Rh2288 V3 Server Firmware
cpe:2.3:o:huawei:rh2288_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*
Huawei/Rh5885 V3 Server Firmware
cpe:2.3:o:huawei:rh5885_v3_server_firmware:v100r003c01:*:*:*:*:*:*:*
Huawei/Xh620 V3 Server Firmware
cpe:2.3:o:huawei:xh620_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*
Huawei/Xh622 V3 Server Firmware
cpe:2.3:o:huawei:xh622_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*
Huawei/Xh628 V3 Server Firmware
cpe:2.3:o:huawei:xh628_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-02-server-ennvdVendor Advisory
www.securityfocus.com/bid/92623nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000