CVE-2012-5968

Sažetak

The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network.

Reference

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198239.htm
http://www.kb.cert.org/vuls/id/871148

CVSS

Base:	4.8
Impact:	4.9
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:A/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

29-01-2013 - 05:00

Objavljeno

19-12-2012 - 11:55