Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-6147

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable.

Published

2019-12-23T20:15:11.157

Last Modified

2024-11-21T04:46:02.057

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-704

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	forcepoint	next_generation_firewall_security_management_center	< 6.5.12	Yes
Application	forcepoint	next_generation_firewall_security_management_center	< 6.7.1	Yes

References

https://help.forcepoint.com/security/CVE/CVE-2019-6147.html Vendor Advisory ([email protected])
https://help.forcepoint.com/security/CVE/CVE-2019-6147.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)