CVE-2012-5968

The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.8 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:P/I:P/A:N
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
VendorProductVersion
huaweie585
-
huaweie585u-82
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198239.htm
http://www.kb.cert.org/vuls/id/871148
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198239.htm
http://www.kb.cert.org/vuls/id/871148