Sign-up

ID

VAR-201908-0046


CVE

CVE-2019-6143


TITLE

Forcepoint Next Generation Firewall Authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-008642

DESCRIPTION

Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example. Forcepoint Next Generation Firewall (Forcepoint NGFW) Contains an authentication vulnerability.Information may be obtained and information may be altered. Forcepoint Next Generation Firewall (NGFW) is a next-generation firewall product of Forcepoint Corporation in the United States

Trust: 1.71

sources: NVD: CVE-2019-6143 // JVNDB: JVNDB-2019-008642 // VULHUB: VHN-157578

AFFECTED PRODUCTS

vendor:forcepointmodel:next generation firewallscope:ltversion:6.6.2

Trust: 1.0

vendor:forcepointmodel:next generation firewallscope:gteversion:6.4.0

Trust: 1.0

vendor:forcepointmodel:next generation firewallscope:gteversion:6.6.0

Trust: 1.0

vendor:forcepointmodel:next generation firewallscope:ltversion:6.5.4

Trust: 1.0

vendor:forcepointmodel:next generation firewallscope:ltversion:6.4.7

Trust: 1.0

vendor:forcepointmodel:next generation firewallscope:gteversion:6.5.0

Trust: 1.0

vendor:forcepointmodel:next generation firewallscope:eqversion:6.6.2

Trust: 0.8

vendor:forcepointmodel:next generation firewallscope:eqversion:6.4.7

Trust: 0.8

vendor:forcepointmodel:next generation firewallscope:ltversion:6.5.x

Trust: 0.8

vendor:forcepointmodel:next generation firewallscope:ltversion:6.4.x

Trust: 0.8

vendor:forcepointmodel:next generation firewallscope:ltversion:6.6.x

Trust: 0.8

vendor:forcepointmodel:next generation firewallscope:eqversion:6.5.4

Trust: 0.8

sources: JVNDB: JVNDB-2019-008642 // NVD: CVE-2019-6143

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-6143
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-6143
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201908-1360
value: CRITICAL

Trust: 0.6

VULHUB: VHN-157578
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-6143
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-157578
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-6143
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2019-6143
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-157578 // JVNDB: JVNDB-2019-008642 // CNNVD: CNNVD-201908-1360 // NVD: CVE-2019-6143

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-157578 // JVNDB: JVNDB-2019-008642 // NVD: CVE-2019-6143

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-1360

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201908-1360

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-008642

PATCH
title:Article Number: 000017474url:https://support.forcepoint.com/KBArticle?id=000017474
Trust: 0.8
title:Forcepoint Next Generation Firewall Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97717
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-008642 // 
            
            
            
            CNNVD: CNNVD-201908-1360

EXTERNAL IDS
db:NVDid:CVE-2019-6143
Trust: 2.5
db:JVNDBid:JVNDB-2019-008642
Trust: 0.8
db:CNNVDid:CNNVD-201908-1360
Trust: 0.7
db:VULHUBid:VHN-157578
Trust: 0.1
sources:
            
            
            VULHUB: VHN-157578 // 
            
            
            
            JVNDB: JVNDB-2019-008642 // 
            
            
            
            CNNVD: CNNVD-201908-1360 // 
            
            
            
            NVD: CVE-2019-6143

REFERENCES
url:https://help.forcepoint.com/security/cve/cve-2019-6143.html
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2019-6143
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6143
Trust: 0.8
url:https://support.forcepoint.com/kbarticle?id=000017474
Trust: 0.6
url:https://vigilance.fr/vulnerability/forcepoint-ngfw-privilege-escalation-via-ldap-authentication-30120
Trust: 0.6
sources:
            
            
            VULHUB: VHN-157578 // 
            
            
            
            JVNDB: JVNDB-2019-008642 // 
            
            
            
            CNNVD: CNNVD-201908-1360 // 
            
            
            
            NVD: CVE-2019-6143

SOURCES
db:VULHUBid:VHN-157578
db:JVNDBid:JVNDB-2019-008642
db:CNNVDid:CNNVD-201908-1360
db:NVDid:CVE-2019-6143

LAST UPDATE DATE
2024-11-23T22:16:56.424000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-157578date:2019-08-30T00:00:00
db:JVNDBid:JVNDB-2019-008642date:2019-09-04T00:00:00
db:CNNVDid:CNNVD-201908-1360date:2021-09-13T00:00:00
db:NVDid:CVE-2019-6143date:2024-11-21T04:46:01.623

SOURCES RELEASE DATE
db:VULHUBid:VHN-157578date:2019-08-20T00:00:00
db:JVNDBid:JVNDB-2019-008642date:2019-09-04T00:00:00
db:CNNVDid:CNNVD-201908-1360date:2019-08-20T00:00:00
db:NVDid:CVE-2019-6143date:2019-08-20T21:15:13.357