Search criteria
6 vulnerabilities found for next_generation_firewall by forcepoint
FKIE_CVE-2021-41530
Vulnerability from fkie_nvd - Published: 2021-10-04 17:15 - Updated: 2024-11-21 06:26
Severity ?
Summary
Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@forcepoint.com | https://help.forcepoint.com/security/CVE/CVE-2021-41530.html | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://help.forcepoint.com/security/CVE/CVE-2021-41530.html | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| forcepoint | next_generation_firewall | * | |
| forcepoint | next_generation_firewall | * | |
| forcepoint | next_generation_firewall | 6.10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "106871F1-3486-462A-91A8-9C6145577849",
"versionEndIncluding": "6.5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9943730-C324-4239-A1B7-20D5822790CC",
"versionEndIncluding": "6.8.6",
"versionStartIncluding": "6.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:6.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAA821D-878C-4DFC-8905-92648E88A7AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured."
},
{
"lang": "es",
"value": "Forcepoint NGFW Engine versiones 6.5.11 y anteriores, 6.8.6 y anteriores, y 6.10.0 son vulnerables a una vulnerabilidad de amplificaci\u00f3n reflejada TCP, si se ha configurado HTTP User Response"
}
],
"id": "CVE-2021-41530",
"lastModified": "2024-11-21T06:26:21.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-04T17:15:08.577",
"references": [
{
"source": "psirt@forcepoint.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html"
}
],
"sourceIdentifier": "psirt@forcepoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-6143
Vulnerability from fkie_nvd - Published: 2019-08-20 21:15 - Updated: 2024-11-21 04:46
Severity ?
Summary
Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| forcepoint | next_generation_firewall | * | |
| forcepoint | next_generation_firewall | * | |
| forcepoint | next_generation_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9854BA69-0760-4E92-9A82-DF0BD47475BB",
"versionEndExcluding": "6.4.7",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE682D3-2726-4C1A-8D68-5826E8225964",
"versionEndExcluding": "6.5.4",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76EB278D-ED52-4E8B-8B41-D7FB1B94BF5A",
"versionEndExcluding": "6.6.2",
"versionStartIncluding": "6.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example."
},
{
"lang": "es",
"value": "El firewall de Forcepoint Next Generation (Forcepoint NGFW) 6.4.x versiones anteriores a 6.4.7, 6.5.x versiones anteriores a 6.5.4 y 6.6.x versiones anteriores a 6.6.2 tiene una grave vulnerabilidad de autenticaci\u00f3n que potencialmente permite a usuarios no autorizados eludir la autenticaci\u00f3n de contrase\u00f1a y acceder a servicios protegidos por el motor NGFW. La vulnerabilidad afecta las siguientes caracter\u00edsticas de NGFW cuando se utiliza el m\u00e9todo de autenticaci\u00f3n LDAP como autenticaci\u00f3n de back-end: IPsec VPN, SSL VPN o autenticaci\u00f3n de usuario basada en navegador. La vulnerabilidad no se aplica cuando se utiliza cualquier otra autenticaci\u00f3n de back-end. El m\u00e9todo de autenticaci\u00f3n RADIUS no es vulnerable, por ejemplo."
}
],
"id": "CVE-2019-6143",
"lastModified": "2024-11-21T04:46:01.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-20T21:15:13.357",
"references": [
{
"source": "psirt@forcepoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"
}
],
"sourceIdentifier": "psirt@forcepoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-41530 (GCVE-0-2021-41530)
Vulnerability from cvelistv5 – Published: 2021-10-04 16:58 – Updated: 2024-08-04 03:15
VLAI?
Summary
Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured.
Severity ?
No CVSS data available.
CWE
- Reflected Amplification Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Forcepoint Next Generation Firewall |
Affected:
NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are all vulnerable, if HTTP User Response has been configured.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:15:28.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Forcepoint Next Generation Firewall",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are all vulnerable, if HTTP User Response has been configured."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Reflected Amplification Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T16:58:41",
"orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"shortName": "forcepoint"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@forcepoint.com",
"ID": "CVE-2021-41530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Forcepoint Next Generation Firewall",
"version": {
"version_data": [
{
"version_value": "NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are all vulnerable, if HTTP User Response has been configured."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reflected Amplification Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html",
"refsource": "MISC",
"url": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"assignerShortName": "forcepoint",
"cveId": "CVE-2021-41530",
"datePublished": "2021-10-04T16:58:41",
"dateReserved": "2021-09-20T00:00:00",
"dateUpdated": "2024-08-04T03:15:28.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6143 (GCVE-0-2019-6143)
Vulnerability from cvelistv5 – Published: 2019-08-20 20:24 – Updated: 2024-08-04 20:16
VLAI?
Summary
Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example.
Severity ?
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Forcepoint | Forcepoint Next Generation Firewall |
Affected:
6.4.0 - 6.4.6
Affected: 6.5.0 - 6.5.3 Affected: 6.6.0 - 6.6.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:16:24.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Forcepoint Next Generation Firewall",
"vendor": "Forcepoint",
"versions": [
{
"status": "affected",
"version": "6.4.0 - 6.4.6"
},
{
"status": "affected",
"version": "6.5.0 - 6.5.3"
},
{
"status": "affected",
"version": "6.6.0 - 6.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-10T17:06:24",
"orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"shortName": "forcepoint"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@forcepoint.com",
"ID": "CVE-2019-6143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Forcepoint Next Generation Firewall",
"version": {
"version_data": [
{
"version_value": "6.4.0 - 6.4.6"
},
{
"version_value": "6.5.0 - 6.5.3"
},
{
"version_value": "6.6.0 - 6.6.1"
}
]
}
}
]
},
"vendor_name": "Forcepoint"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html",
"refsource": "CONFIRM",
"url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"assignerShortName": "forcepoint",
"cveId": "CVE-2019-6143",
"datePublished": "2019-08-20T20:24:21",
"dateReserved": "2019-01-11T00:00:00",
"dateUpdated": "2024-08-04T20:16:24.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41530 (GCVE-0-2021-41530)
Vulnerability from nvd – Published: 2021-10-04 16:58 – Updated: 2024-08-04 03:15
VLAI?
Summary
Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured.
Severity ?
No CVSS data available.
CWE
- Reflected Amplification Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Forcepoint Next Generation Firewall |
Affected:
NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are all vulnerable, if HTTP User Response has been configured.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:15:28.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Forcepoint Next Generation Firewall",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are all vulnerable, if HTTP User Response has been configured."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Reflected Amplification Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T16:58:41",
"orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"shortName": "forcepoint"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@forcepoint.com",
"ID": "CVE-2021-41530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Forcepoint Next Generation Firewall",
"version": {
"version_data": [
{
"version_value": "NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are all vulnerable, if HTTP User Response has been configured."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reflected Amplification Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html",
"refsource": "MISC",
"url": "https://help.forcepoint.com/security/CVE/CVE-2021-41530.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"assignerShortName": "forcepoint",
"cveId": "CVE-2021-41530",
"datePublished": "2021-10-04T16:58:41",
"dateReserved": "2021-09-20T00:00:00",
"dateUpdated": "2024-08-04T03:15:28.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6143 (GCVE-0-2019-6143)
Vulnerability from nvd – Published: 2019-08-20 20:24 – Updated: 2024-08-04 20:16
VLAI?
Summary
Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example.
Severity ?
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Forcepoint | Forcepoint Next Generation Firewall |
Affected:
6.4.0 - 6.4.6
Affected: 6.5.0 - 6.5.3 Affected: 6.6.0 - 6.6.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:16:24.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Forcepoint Next Generation Firewall",
"vendor": "Forcepoint",
"versions": [
{
"status": "affected",
"version": "6.4.0 - 6.4.6"
},
{
"status": "affected",
"version": "6.5.0 - 6.5.3"
},
{
"status": "affected",
"version": "6.6.0 - 6.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-10T17:06:24",
"orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"shortName": "forcepoint"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@forcepoint.com",
"ID": "CVE-2019-6143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Forcepoint Next Generation Firewall",
"version": {
"version_data": [
{
"version_value": "6.4.0 - 6.4.6"
},
{
"version_value": "6.5.0 - 6.5.3"
},
{
"version_value": "6.6.0 - 6.6.1"
}
]
}
}
]
},
"vendor_name": "Forcepoint"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html",
"refsource": "CONFIRM",
"url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"assignerShortName": "forcepoint",
"cveId": "CVE-2019-6143",
"datePublished": "2019-08-20T20:24:21",
"dateReserved": "2019-01-11T00:00:00",
"dateUpdated": "2024-08-04T20:16:24.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}