CVE-2012-5968

high

Description

The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network.

References

http://www.kb.cert.org/vuls/id/871148

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198239.htm

Details

Source: Mitre, NVD

Published: 2012-12-19

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.8

Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00044