PT-2019-18963 · Gemalto · Gemalto Admin Control Center

Publicado

2019-06-07

Atualizado

2020-10-22

CVE-2019-8282

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Gemalto Admin Control Center versions prior to 7.92

Description The issue allows an attacker to perform a man-in-the-middle (MITM) attack. This is due to the use of cleartext HTTP to communicate with www3.safenet-inc.com for obtaining language packs, which enables the attacker to replace the original language pack with a malicious one.

Recommendations For versions prior to 7.92, update to version 7.92 or later to resolve the issue.

Correção

Origin Validation Error

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-300CWE-346

Identificadores relacionados

CVE-2019-8282

Produtos afetados

Gemalto Admin Control Center

PT-2019-18963 · Gemalto · Gemalto Admin Control Center

CVE-2019-8282

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3