CVE-2019-6147 Vulnerability Details

  /     /     /  

CVE-2019-6147 Metadata Quick Info

CVE Published: 23/12/2019 | CVE Updated: 04/08/2024 | CVE Year: 2019
Source: forcepoint | Vendor: Forcepoint | Product: NGFW Security Management Center
Status : PUBLISHED

---

CVE-2019-6147 Description

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Rare internal database corruption can lead to incorrect IPSec configuration
Source: Forcepoint

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).