5.3

CVE-2019-7312

Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac before 1.0.199, Zed Pro for Linux before 1.0.199, Zed Free for Windows before 1.0.195, Zed Free for Mac before 1.0.199, and Zed Free for Linux before 1.0.199. Analyzing a Zed container can lead to the disclosure of plaintext content of very small files (a few bytes) stored into it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PrimxZed SwEditionfree SwPlatformwindows Version < 1.0.195
PrimxZed SwEditionpro SwPlatformwindows Version < 1.0.195
PrimxZed SwEditionfree SwPlatformlinux Version < 1.0.199
PrimxZed SwEditionfree SwPlatformmac Version < 1.0.199
PrimxZed SwEditionpro SwPlatformlinux Version < 1.0.199
PrimxZed SwEditionpro SwPlatformmac Version < 1.0.199
PrimxZed SwEditionentreprise SwPlatformlinux Version < 2.0.199
PrimxZed SwEditionentreprise SwPlatformmac Version < 2.0.199
PrimxZed SwEditionentreprise SwPlatformwindows Version < 6.1.2240
PrimxZedmail SwPlatformwindows Version < 6.1.2240
PrimxZonecentral SwPlatformwindows Version < 6.1.2240
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.434
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.