CVE-2019-5232

CWE-3303 documents3 sources

Severity

7.5HIGH

EPSS

0.4%

top 39.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Vp9630 Firmware Huawei Vp9650 Firmware Huawei Vp9660 Firmware

Timeline

PublishedNov 29

Latest updateMay 24

Description

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information leak.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDhuawei/vp9630_firmwarev500r002c00, v500r002c10+1

▶NVDhuawei/vp9650_firmwarev500r002c00, v500r002c10+1

▶NVDhuawei/vp9660_firmwarev500r002c00, v500r002c10+1

🔴Vulnerability Details

GHSA

GHSA-7g6p-9397-6cfc: There is a use of insufficiently random values vulnerability in Huawei ViewPoint products↗2022-05-24

▶

CVEList

CVE-2019-5232: There is a use of insufficiently random values vulnerability in Huawei ViewPoint products↗2019-11-29

▶