CVE-2019-5259

CWE-269Improper Privilege Management5 documents4 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 71.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Huawei Ar120-s FirmwareHuawei Ar1200-s FirmwareHuawei Ar1200 Firmware+9 more
Timeline
PublishedDec 16
Latest updateMay 24

Description

There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an information disclosure condition.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages12 packages

NVDhuawei/ar1200_firmware6 versions+5
NVDhuawei/ar1200-s_firmware6 versions+5
NVDhuawei/ar150_firmware6 versions+5
NVDhuawei/ar200_firmware6 versions+5
NVDhuawei/ar2200_firmware6 versions+5

🔴Vulnerability Details

4
GHSA
GHSA-g3x5-hj34-q968: There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR32002022-05-24
OSV
cron regression2022-05-11
OSV
cron vulnerabilities2022-05-06
CVEList
CVE-2019-5259: There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR32002019-12-16
CVE-2019-5259 (MEDIUM CVSS 6.5) | There is an information leakage vul | cvebase.io