Filtered by vendor Forcepoint
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-6147 | 1 Forcepoint | 1 Next Generation Firewall Security Management Center | 2021-09-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable. | |||||
| CVE-2019-6145 | 1 Forcepoint | 1 Vpn Client | 2021-09-10 | 7.2 HIGH | 6.7 MEDIUM |
| Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs for finding this vulnerability and for reporting it to us. | |||||
| CVE-2019-6146 | 1 Forcepoint | 1 Web Security | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| It has been reported that cross-site scripting (XSS) is possible in Forcepoint Web Security, version 8.x, via host header injection. CVSSv3.0: 5.3 (Medium) (/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) | |||||
| CVE-2019-6144 | 1 Forcepoint | 1 One Endpoint | 2021-09-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint (versions 19.04 through 19.08) and bypass DLP and Web protection. | |||||
| CVE-2019-6142 | 1 Forcepoint | 2 Email Security, Security Manager | 2019-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue. | |||||