PT-2021-23319 · Forcepoint · Forcepoint Ngfw Engine

Published

2021-10-04

Updated

2021-10-12

CVE-2021-41530

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Forcepoint NGFW Engine versions 6.5.11 and earlier Forcepoint NGFW Engine versions 6.8.6 and earlier Forcepoint NGFW Engine version 6.10.0

Description The issue is related to TCP reflected amplification, which occurs when HTTP User Response has been configured.

Recommendations For Forcepoint NGFW Engine versions 6.5.11 and earlier, consider disabling the HTTP User Response configuration to mitigate the risk. For Forcepoint NGFW Engine versions 6.8.6 and earlier, consider disabling the HTTP User Response configuration to mitigate the risk. For Forcepoint NGFW Engine version 6.10.0, consider disabling the HTTP User Response configuration to mitigate the risk.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-41530

Affected Products

Forcepoint Ngfw Engine

PT-2021-23319 · Forcepoint · Forcepoint Ngfw Engine

CVE-2021-41530

Related Identifiers

Affected Products

References · 4