CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-5451
https://notcve.org/view.php?id=CVE-2023-5451
04 Mar 2024 — Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Next Generation Firewall Security Management Center (SMC Downloads feature) allows Reflected XSS. This issue affects Next Generation Firewall Security Management Center : before 6.10.13, from 6.11.0 before 7.1.2. Forcepoin... • https://support.forcepoint.com/s/article/000042395 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6147
https://notcve.org/view.php?id=CVE-2019-6147
23 Dec 2019 — Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable. Forcepoint NGFW Security Management Center (SMC) versiones por debaj... • https://help.forcepoint.com/security/CVE/CVE-2019-6147.html • CWE-704: Incorrect Type Conversion or Cast •