PT-2019-17978 · Forcepoint · Forcepoint Ngfw

Published: 2019-08-20 · Updated: 2022-04-18 · CVE-2019-6143

CVSS v3.1: 9.1 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Forcepoint Next Generation Firewall (Forcepoint NGFW) versions 6.4.x through 6.4.6

Forcepoint Next Generation Firewall (Forcepoint NGFW) versions 6.5.x through 6.5.3

Forcepoint Next Generation Firewall (Forcepoint NGFW) versions 6.6.x through 6.6.1

Description

The issue is a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. It affects the IPsec VPN, SSL VPN, or Browser-based user authentication features when LDAP is used as the backend authentication method. It does not apply when any other backend authentication method, such as RADIUS, is used.

Recommendations

For Forcepoint NGFW versions 6.4.x through 6.4.6, update to version 6.4.7 or later.

For Forcepoint NGFW versions 6.5.x through 6.5.3, update to version 6.5.4 or later.

For Forcepoint NGFW versions 6.6.x through 6.6.1, update to version 6.6.2 or later.

Fix

Improper Authentication


Weakness Enumeration

Related Identifiers

CVE-2019-6143

Affected Products

Forcepoint Ngfw