CVE-2012-5968

Medium CVSS 4.8

Overview

The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network.

CWE: CWE-20 Published: 2012-12-19T11:55:59.750

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 4.8 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags