cnvd - cnvd-2020-03158

CNVD-2020-03158

Vulnerability from cnvd - Published: 2020-01-22

Title

Forcepoint NGFW Security Management Center存在未明漏洞

Description

Forcepoint NGFW Security Management Center（SMC）是美国Forcepoint公司的一款为Forcepoint下一代防火墙提供统一、集中管理功能的产品。 Forcepoint NGFW SMC 6.5.12之前版本和6.7.1之前版本中存在安全漏洞。攻击者可利用该漏洞损坏内部的配置数据库，导致SMC为Forcepoint Next Generation Firewall生成不正确的配置。

Severity

中

Patch Name

Forcepoint NGFW Security Management Center存在未明漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://support.forcepoint.com/KBArticle?id=000017918

Reference

https://support.forcepoint.com/KBArticle?id=000017918

Impacted products

Name
['Forcepoint NGFW Security Management Center <6.5.12', 'Forcepoint NGFW Security Management Center <6.7.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-6147"
    }
  },
  "description": "Forcepoint NGFW Security Management Center\uff08SMC\uff09\u662f\u7f8e\u56fdForcepoint\u516c\u53f8\u7684\u4e00\u6b3e\u4e3aForcepoint\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u63d0\u4f9b\u7edf\u4e00\u3001\u96c6\u4e2d\u7ba1\u7406\u529f\u80fd\u7684\u4ea7\u54c1\u3002\n\nForcepoint NGFW SMC 6.5.12\u4e4b\u524d\u7248\u672c\u548c6.7.1\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u635f\u574f\u5185\u90e8\u7684\u914d\u7f6e\u6570\u636e\u5e93\uff0c\u5bfc\u81f4SMC\u4e3aForcepoint Next Generation Firewall\u751f\u6210\u4e0d\u6b63\u786e\u7684\u914d\u7f6e\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://support.forcepoint.com/KBArticle?id=000017918",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-03158",
  "openTime": "2020-01-22",
  "patchDescription": "Forcepoint NGFW Security Management Center\uff08SMC\uff09\u662f\u7f8e\u56fdForcepoint\u516c\u53f8\u7684\u4e00\u6b3e\u4e3aForcepoint\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u63d0\u4f9b\u7edf\u4e00\u3001\u96c6\u4e2d\u7ba1\u7406\u529f\u80fd\u7684\u4ea7\u54c1\u3002\r\n\r\nForcepoint NGFW SMC 6.5.12\u4e4b\u524d\u7248\u672c\u548c6.7.1\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u635f\u574f\u5185\u90e8\u7684\u914d\u7f6e\u6570\u636e\u5e93\uff0c\u5bfc\u81f4SMC\u4e3aForcepoint Next Generation Firewall\u751f\u6210\u4e0d\u6b63\u786e\u7684\u914d\u7f6e\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Forcepoint NGFW Security Management Center\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Forcepoint NGFW Security Management Center \u003c6.5.12",
      "Forcepoint NGFW Security Management Center \u003c6.7.1"
    ]
  },
  "referenceLink": "https://support.forcepoint.com/KBArticle?id=000017918",
  "serverity": "\u4e2d",
  "submitTime": "2019-12-24",
  "title": "Forcepoint NGFW Security Management Center\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

CVE-2019-6147 (GCVE-0-2019-6147)

Vulnerability from cvelistv5 – Published: 2019-12-23 19:17 – Updated: 2024-08-04 20:16

Summary

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable.

Severity ?

No CVSS data available.

CWE

Rare internal database corruption can lead to incorrect IPSec configuration

Assigner

forcepoint

References

URL

Tags

https://help.forcepoint.com/security/CVE/CVE-2019…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Forcepoint	NGFW Security Management Center	Affected: Any version lower than 6.5.12 or 6.7.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:16:24.587Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.forcepoint.com/security/CVE/CVE-2019-6147.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NGFW Security Management Center",
          "vendor": "Forcepoint",
          "versions": [
            {
              "status": "affected",
              "version": "Any version lower than 6.5.12 or 6.7.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Rare internal database corruption can lead to incorrect IPSec configuration",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-10T17:02:35",
        "orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
        "shortName": "forcepoint"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.forcepoint.com/security/CVE/CVE-2019-6147.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@forcepoint.com",
          "ID": "CVE-2019-6147",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NGFW Security Management Center",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Any version lower than 6.5.12 or 6.7.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Forcepoint"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Rare internal database corruption can lead to incorrect IPSec configuration"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://help.forcepoint.com/security/CVE/CVE-2019-6147.html",
              "refsource": "CONFIRM",
              "url": "https://help.forcepoint.com/security/CVE/CVE-2019-6147.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
    "assignerShortName": "forcepoint",
    "cveId": "CVE-2019-6147",
    "datePublished": "2019-12-23T19:17:18",
    "dateReserved": "2019-01-11T00:00:00",
    "dateUpdated": "2024-08-04T20:16:24.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-03158

CVE-2019-6147 (GCVE-0-2019-6147)

Tags

Sightings

Nomenclature