← Back

CVE-2016-6670

nvd nist
Published: Sep 7, 2016Modified: May 6, 2026

JSON object

Loading...
5.3
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random numbers with insufficient entropy to generate self-signed certificates, which makes it easier for remote attackers to discover private keys by leveraging knowledge of a certificate.

Affected (7)

Huawei Firmware
1 product
S12700
Huawei
3 products
S9700 Firmware
S7700 Firmware
S9300 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S12700
Version v200r005c00
Running on/withPlatform Versions
Huawei
S12700
All versions
Configuration B
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
S9700 Firmware
Version v200r003c00
S9700 Firmware
Version v200r005c00
Running on/withPlatform Versions
Huawei
S9700
All versions
Configuration C
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
S7700 Firmware
Version v200r003c00
S7700 Firmware
Version v200r005c00
Running on/withPlatform Versions
Huawei
S7700
All versions
Configuration D
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
S9300 Firmware
Version v200r003c00
S9300 Firmware
Version v200r005c00
Running on/withPlatform Versions
Huawei
S9300
All versions

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cve@mitre.org
MitigationVendor Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.