MEDIUM🇬🇧 English

CVE-2019-8282

CVSS 5.3v3.1pub. 2019-06-07upd. 2024-11-21

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
  • Gemalto Sentinel Ldk

    APP
    Gemalto
    < 7.92
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-8283MEDIUM6.5ten sam produkt

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This...

CVE-2017-11497CRITICAL9.8ten sam vendor

Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.1...

CVE-2017-11496CRITICAL9.8ten sam vendor

Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.1...

CVE-2019-18232HIGH7.8ten sam vendor

SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected...

CVE-2019-9156HIGH8.0ten sam vendor

Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection.