CVE-2019-6147

EPSS 0.24%
Veröffentlicht 23.12.2019 20:15:11
Zuletzt bearbeitet 21.11.2024 04:46:02
Quelle psirt@forcepoint.com
Teams Watchlist Login
Unerledigt Login

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Forcepoint ≫ Next Generation Firewall Security Management Center Version < 6.5.12

Forcepoint ≫ Next Generation Firewall Security Management Center Version >= 6.6.0 < 6.7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.24%	0.446

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-704 Incorrect Type Conversion or Cast

The product does not correctly convert an object, resource, or structure from one type to a different type.

https://help.forcepoint.com/security/CVE/CVE-2019-6147.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-6147

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-6147

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-6147

EUVD