Insufficient Entropy in Self-Signed Certificates on Huawei S-Series Devices

Insufficient Entropy in Self-Signed Certificates on Huawei S-Series Devices

CVE-2016-6670 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random numbers with insufficient entropy to generate self-signed certificates, which makes it easier for remote attackers to discover private keys by leveraging knowledge of a certificate.

Learn more about our Web Application Penetration Testing UK.