CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6144
https://notcve.org/view.php?id=CVE-2019-6144
This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint (versions 19.04 through 19.08) and bypass DLP and Web protection. Esta vulnerabilidad permite a un usuario normal (no administrador) deshabilitar Forcepoint One Endpoint (versiones 19.04 hasta 19.08) y omitir DLP y la protección web. • https://help.forcepoint.com/security/CVE/CVE-2019-6144.html • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6145
https://notcve.org/view.php?id=CVE-2019-6145
Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs for finding this vulnerability and for reporting it to us. Forcepoint VPN Client para Windows versiones anteriores a 6.6.1, presenta una vulnerabilidad de ruta de búsqueda sin comillas. • https://help.forcepoint.com/security/CVE/CVE-2019-6145.html https://safebreach.com/Post/Forcepoint-VPN-Client-for-Windows-Unquoted-Search-Path-and-Potential-Abuses-CVE-2019-6145 • CWE-428: Unquoted Search Path or Element •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-6143
https://notcve.org/view.php?id=CVE-2019-6143
Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example. El firewall de Forcepoint Next Generation (Forcepoint NGFW) 6.4.x versiones anteriores a 6.4.7, 6.5.x versiones anteriores a 6.5.4 y 6.6.x versiones anteriores a 6.6.2 tiene una grave vulnerabilidad de autenticación que potencialmente permite a usuarios no autorizados eludir la autenticación de contraseña y acceder a servicios protegidos por el motor NGFW. • https://help.forcepoint.com/security/CVE/CVE-2019-6143.html • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6140
https://notcve.org/view.php?id=CVE-2019-6140
A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state if the hybrid registration process is not completed. Se ha detectado un problema de configuración en Forcepoint Email Security versiones 8.4. x y 8.5. x: el producto se deja en un estado vulnerable si el proceso de registro híbrido no es completado • https://help.forcepoint.com/security/CVE/CVE-2019-6140.html • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2018-16530
https://notcve.org/view.php?id=CVE-2018-16530
A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is already enabled on the Email appliance as a risk mitigation. Un desbordamiento de búfer en región stack de la memoria en Forcepoint Email Security versión 8.5 permite a un atacante crear una entrada maliciosa y potencialmente bloquear un proceso creando una denegación de servicio (DoS). Si bien no se conocen vulnerabilidades de Remote Code Execution (RCE), como con todos los desbordamientos de búfer, no se puede descartar completamente la posibilidad de que RCE se ejecute. • https://help.forcepoint.com/security/CVE/CVE-2018-16530.html https://support.forcepoint.com/KBArticle?id=000016621 • CWE-787: Out-of-bounds Write •