Auth bypass in Huawei Honor_play
CVE-2019-5213
Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attac…
Vulnerability class: Broken Authentication
EPSS: 0.002 (11.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 2.4 (Low). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.
Affected products
- Huawei Honor_play
- Huawei Honor_play_firmware
- N/a Honor Play — versions Versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8)
Weakness classification (CWE)
References
- psirt@huawei.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2019-5213?
- CVE-2019-5213 is a low-severity vulnerability in Huawei Honor_play, classified under Improper Authentication. CVSS score: 2.4/10. Published 2019-11-12.
- How severe is CVE-2019-5213?
- Low severity. CVSS v3 base score is 2.4 out of 10.