CVE-2015-7842

CVE-2015-7842 affects Huawei FusionServer family (RH2288/RH2288H/RH2288A/RH1288/RH8100/XH628/CH222/CH220/CH121 etc.) where software before specific V100R00xC00SPCyyy versions fails to verify user permissions, allowing remote authenticated operators to change server information. The issue is trigg...

CVE-2016-6900

The Intelligent Baseboard Management Controller iBMC in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers with software before V100R003C00SPC515; RH5885 V3 servers with software before V100R003C10SPC102; a...

CVE-2016-6838

Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, CH140 V3 and CH226 V3 servers with software before V100R001C00SPC122, CH220 V3 servers with software before...

CVE-2016-6900

CVE-2016-6900 affects Huawei iBMC in RH1288 V3, RH2288 V3, RH2288H V3, RH5885 V3, and XH620/622/628 V3 servers with software before the specified SPC updates. Local users can cause iBMC resource exhaustion and DoS via unspecified vectors. Huawei’s advisory HWPSIRT-2016-05251 notes these resource-...

CVE-2016-6838

The CVE-2016-6838 issue affects Huawei server products, including X6800/XH620, RH1288/RH2288, CH140/CH226, CH220, and CH121/CH222 V3 platforms, with software versions before the indicated SPC fixes. The root cause is insecure SSH encryption algorithm selection that can allow remote attackers to d...

CVE-2016-6899

The CVE-2016-6899 issue affects Huawei iBMC in RH1288 V3, RH2288 V3, RH2288H V3, RH5885 V3, and XH620/XH622/XH628 V3 servers running software before the specified V100R00xC00SPx levels. The root cause is the ability to select an insecure SSL encryption algorithm in the iBMC, which could permit re...

CVE-2016-6825

The CVE covers Huawei server families (XH620/V3, XH622/V3, XH628/V3 before specific SPC builds; RH1288V3 before SPC613; RH2288V3 before SPC617; RH2288H V3 before SPC515) where lack of authentication protection enables brute-force password retrieval via remote access. This reflects a remote-authen...

Huawei FusionServer Product Information Change Vulnerability

Huawei FusionServer RH2288 V3 is a server product from Huawei, China. A security vulnerability exists in the Huawei FusionServer product that allows a remote attacker to submit a special request to change server information...

Huawei FusionServer Product Security Bypass Vulnerability

Huawei FusionServer RH2288 V3 is a server product from Huawei, China. The Huawei FusionServer product failed to properly limit the number of query attempts, allowing remote attackers to obtain sensitive information via brute force attack...

Huawei FusionServer Product Command Injection Vulnerability

Huawei FusionServer RH2288 V3 is a server product from Huawei, China. A security vulnerability exists in the Huawei FusionServer product that allows remote attackers to submit a special request to change parameters in the login page and inject commands...