PT-2019-17979 · Forcepoint · Forcepoint One Endpoint

Published

2019-10-23

Updated

2022-03-31

CVE-2019-6144

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Forcepoint One Endpoint versions 19.04 through 19.08

Description This issue allows a non-admin user to disable the Forcepoint One Endpoint and bypass Data Loss Prevention (DLP) and Web protection.

Recommendations For Forcepoint One Endpoint versions 19.04 through 19.08, update to a version that contains a fix for this issue to prevent non-admin users from disabling the endpoint and bypassing security protections.

Fix

Improper Access Control

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-863

Related Identifiers

CVE-2019-6144

Affected Products

Forcepoint One Endpoint

PT-2019-17979 · Forcepoint · Forcepoint One Endpoint

CVE-2019-6144

Weakness Enumeration

Related Identifiers

Affected Products

References · 3