CVE-2019-6147
Summary
| CVE | CVE-2019-6147 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-12-23 20:15:00 UTC |
| Updated | 2021-09-16 13:16:00 UTC |
| Description | Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable. |
Risk And Classification
Problem Types: CWE-704
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Forcepoint | Next Generation Firewall Security Management Center | All | All | All | All |
| Application | Forcepoint | Next Generation Firewall Security Management Center | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| KB Article | Forcepoint Support | CONFIRM | support.forcepoint.com | Vendor Advisory |
| Security Advisory: Database corruption vulnerability in Forcepoint NGFW Security Management Center (SMC) (CVE-2019-6147) | CONFIRM | help.forcepoint.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.