Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-5968
huawei
e585
cve-2012-5968
remote attackers
sensitive information
lan network
4.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.0%
The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network.
Affected configurations
Node
huaweie585Match-
ORhuaweie585u-82Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| huawei:e585 | huawei e585 | eq | - |
| huawei:e585u-82 | huawei e585u-82 | eq | - |
Related
prion
prion
Design/Logic Flaw
2012-12-19 11:55:00
cvelist
cvelist
CVE-2012-5968
2022-10-03 16:15:31
nvd
nvd
CVE-2012-5968
2012-12-19 11:55:59
cert
cert
Huawei E585 pocket wifi 2 device contains multiple vulnerabilities
2012-12-13 00:00:00
4.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.0%
Related for CVE-2012-5968