Auth bypass in Huawei Honor_play

CVE-2019-5213

Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attac…

Vulnerability class: Broken Authentication

EPSS: 0.002 (11.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.4 (Low). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2019-5213?
CVE-2019-5213 is a low-severity vulnerability in Huawei Honor_play, classified under Improper Authentication. CVSS score: 2.4/10. Published 2019-11-12.
How severe is CVE-2019-5213?
Low severity. CVSS v3 base score is 2.4 out of 10.