CVE-2019-5995

CWE-862 — Missing Authorization3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.1%

top 67.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canon Eos-1d C Firmware Canon Eos-1d X Firmware Canon Eos-1d X Mkii Firmware +63 more

Timeline

PublishedAug 6

Latest updateMay 24

Description

Missing authorization vulnerability exists in EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier,…

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages66 packages

▶NVDcanon/eos_d_rebel_t100_firmware1.0.0

▶NVDcanon/eos_d_rebel_t5_firmware1.0.2

▶NVDcanon/eos_d_rebel_t6_firmware1.1.0

▶NVDcanon/eos_d_rebel_t7_firmware1.0.0

▶NVDcanon/eos_d_rebel_sl1_firmware1.0.1

🔴Vulnerability Details

GHSA

GHSA-384c-q74f-g7hv: Missing authorization vulnerability exists in EOS series digital cameras (EOS-1D X firmware version 2↗2022-05-24

▶

CVEList

CVE-2019-5995: Missing authorization vulnerability exists in EOS series digital cameras (EOS-1D X firmware version 2↗2019-08-06

▶