Vulnerability Details CVE-2016-6670
Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random numbers with insufficient entropy to generate self-signed certificates, which makes it easier for remote attackers to discover private keys by leveraging knowledge of a certificate.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.5%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2016-6670
-
cpe:2.3:h:huawei:s12700:-
-
cpe:2.3:h:huawei:s7700:-
-
cpe:2.3:h:huawei:s9300:-
-
cpe:2.3:h:huawei:s9700:-
-
cpe:2.3:o:huawei:s7700_firmware:v200r003c00
-
cpe:2.3:o:huawei:s7700_firmware:v200r005c00
-
cpe:2.3:o:huawei:s9300_firmware:v200r003c00
-
cpe:2.3:o:huawei:s9300_firmware:v200r005c00
-
cpe:2.3:o:huawei:s9700_firmware:v200r003c00
-
cpe:2.3:o:huawei:s9700_firmware:v200r005c00
-
cpe:2.3:o:huawei_firmware:s12700:v200r005c00