Huawei networking equipment use a DES encryption algorithm for password and encryption. DES is publicly known to be easily cracked.
Huawei Security Advisory Huawei-SA-20120827-01-CX600 states:
In multiple Huawei products, DES encryption algorithm is used for password and the encryption is not strong enough so it may be cracked (HWNSIRT-2012-0820).
An attacker with access to the Huawei networking equipment encryption file may be able to crack the DES encryption algorithm to recover the system password.
Huawei Security Advisory Huawei-SA-20120827-01-CX600 states the following temporary fixes:
Thanks to Kurt Grutzmacher for reporting this vulnerability.
This document was written by Michael Orlando.
|Date First Published:||2013-08-05|
|Date Last Updated:||2013-10-03 11:31 UTC|