CVE-2019-6143 - OpenCVE

Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Forcepoint	Next Generation Firewall

Configuration 1 [-]

OR	cpe:2.3:a:forcepoint:next_generation_firewall::::::::
	cpe:2.3:a:forcepoint:next_generation_firewall::::::::
	cpe:2.3:a:forcepoint:next_generation_firewall::::::::

References

Link	Resource
https://help.forcepoint.com/security/CVE/CVE-2019-6143.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: forcepoint

Published: 2019-08-20T20:24:21

Updated: 2021-09-10T17:06:24

Reserved: 2019-01-11T00:00:00

Link: CVE-2019-6143

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-08-20T21:15:13.357

Modified: 2022-04-18T16:11:12.913

Link: CVE-2019-6143

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "Forcepoint Next Generation Firewall", "vendor": "Forcepoint", "versions": [{"status": "affected", "version": "6.4.0 - 6.4.6"}, {"status": "affected", "version": "6.5.0 - 6.5.3"}, {"status": "affected", "version": "6.6.0 - 6.6.1"}]}], "descriptions": [{"lang": "en", "value": "Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example."}], "problemTypes": [{"descriptions": [{"description": "Authentication Bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-09-10T17:06:24", "orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2", "shortName": "forcepoint"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@forcepoint.com", "ID": "CVE-2019-6143", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Forcepoint Next Generation Firewall", "version": {"version_data": [{"version_value": "6.4.0 - 6.4.6"}, {"version_value": "6.5.0 - 6.5.3"}, {"version_value": "6.6.0 - 6.6.1"}]}}]}, "vendor_name": "Forcepoint"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Authentication Bypass"}]}]}, "references": {"reference_data": [{"name": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html", "refsource": "CONFIRM", "url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"}]}}}}, "cveMetadata": {"assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2", "assignerShortName": "forcepoint", "cveId": "CVE-2019-6143", "datePublished": "2019-08-20T20:24:21", "dateReserved": "2019-01-11T00:00:00", "dateUpdated": "2021-09-10T17:06:24", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "9854BA69-0760-4E92-9A82-DF0BD47475BB", "versionEndExcluding": "6.4.7", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AE682D3-2726-4C1A-8D68-5826E8225964", "versionEndExcluding": "6.5.4", "versionStartIncluding": "6.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "76EB278D-ED52-4E8B-8B41-D7FB1B94BF5A", "versionEndExcluding": "6.6.2", "versionStartIncluding": "6.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example."}, {"lang": "es", "value": "El firewall de Forcepoint Next Generation (Forcepoint NGFW) 6.4.x versiones anteriores a 6.4.7, 6.5.x versiones anteriores a 6.5.4 y 6.6.x versiones anteriores a 6.6.2 tiene una grave vulnerabilidad de autenticaci\u00f3n que potencialmente permite a usuarios no autorizados eludir la autenticaci\u00f3n de contrase\u00f1a y acceder a servicios protegidos por el motor NGFW. La vulnerabilidad afecta las siguientes caracter\u00edsticas de NGFW cuando se utiliza el m\u00e9todo de autenticaci\u00f3n LDAP como autenticaci\u00f3n de back-end: IPsec VPN, SSL VPN o autenticaci\u00f3n de usuario basada en navegador. La vulnerabilidad no se aplica cuando se utiliza cualquier otra autenticaci\u00f3n de back-end. El m\u00e9todo de autenticaci\u00f3n RADIUS no es vulnerable, por ejemplo."}], "id": "CVE-2019-6143", "lastModified": "2022-04-18T16:11:12.913", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-20T21:15:13.357", "references": [{"source": "psirt@forcepoint.com", "tags": ["Vendor Advisory"], "url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html"}], "sourceIdentifier": "psirt@forcepoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}