CVE-2019-5232 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information leak.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Huawei	Vp9630 Firmware	v500r002c00
Huawei	Vp9630	-
Huawei	Vp9650 Firmware	v500r002c00
Huawei	Vp9650	-
Huawei	Vp9660 Firmware	v500r002c00
Huawei	Vp9660	-

Related Weaknesses (CWE)

CWE-330

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191120-01-viewpoiVendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191120-01-viewpoiVendor Advisory

FAQ

What is CVE-2019-5232?

CVE-2019-5232 is a vulnerability with a CVSS score of 7.5 (HIGH). There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitat...

How severe is CVE-2019-5232?

CVE-2019-5232 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-5232?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Vp9630 Firmware, Huawei Vp9630, Huawei Vp9650 Firmware, Huawei Vp9650, Huawei Vp9660 Firmware.