CVE-2019-6143

Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example.

CVSS v3 9.1 CRITICAL
CVSS v2.0 6.4 MEDIUM

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

6.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://help.forcepoint.com/security/CVE/CVE-2019-6143.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:forcepoint:next_generation_firewall::::::::
	cpe:2.3:a:forcepoint:next_generation_firewall::::::::
	cpe:2.3:a:forcepoint:next_generation_firewall::::::::

History

18 Apr 2022, 16:11

Type	Values Removed	Values Added
References	~~(CONFIRM) https://help.forcepoint.com/security/CVE/CVE-2019-6143.html -~~	(CONFIRM) https://help.forcepoint.com/security/CVE/CVE-2019-6143.html - Vendor Advisory

10 Sep 2021, 18:15

Type	Values Removed	Values Added
References	~~{'url': 'https://support.forcepoint.com/KBArticle?id=000017474', 'name': 'https://support.forcepoint.com/KBArticle?id=000017474', 'tags': ['Vendor Advisory'], 'refsource': 'CONFIRM'}~~	(CONFIRM) https://help.forcepoint.com/security/CVE/CVE-2019-6143.html -

Information

Published : 2019-08-20 21:15

Updated : 2023-12-10 12:59

NVD link : CVE-2019-6143

Mitre link : CVE-2019-6143

CVE.ORG link : CVE-2019-6143

JSON object : View

Products Affected

forcepoint

next_generation_firewall

CWE

CWE-287

Improper Authentication

{"id": "CVE-2019-6143", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2019-08-20T21:15:13.357", "references": [{"url": "https://help.forcepoint.com/security/CVE/CVE-2019-6143.html", "tags": ["Vendor Advisory"], "source": "psirt@forcepoint.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example."}, {"lang": "es", "value": "El firewall de Forcepoint Next Generation (Forcepoint NGFW) 6.4.x versiones anteriores a 6.4.7, 6.5.x versiones anteriores a 6.5.4 y 6.6.x versiones anteriores a 6.6.2 tiene una grave vulnerabilidad de autenticaci\u00f3n que potencialmente permite a usuarios no autorizados eludir la autenticaci\u00f3n de contrase\u00f1a y acceder a servicios protegidos por el motor NGFW. La vulnerabilidad afecta las siguientes caracter\u00edsticas de NGFW cuando se utiliza el m\u00e9todo de autenticaci\u00f3n LDAP como autenticaci\u00f3n de back-end: IPsec VPN, SSL VPN o autenticaci\u00f3n de usuario basada en navegador. La vulnerabilidad no se aplica cuando se utiliza cualquier otra autenticaci\u00f3n de back-end. El m\u00e9todo de autenticaci\u00f3n RADIUS no es vulnerable, por ejemplo."}], "lastModified": "2022-04-18T16:11:12.913", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9854BA69-0760-4E92-9A82-DF0BD47475BB", "versionEndExcluding": "6.4.7", "versionStartIncluding": "6.4.0"}, {"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AE682D3-2726-4C1A-8D68-5826E8225964", "versionEndExcluding": "6.5.4", "versionStartIncluding": "6.5.0"}, {"criteria": "cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76EB278D-ED52-4E8B-8B41-D7FB1B94BF5A", "versionEndExcluding": "6.6.2", "versionStartIncluding": "6.6.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@forcepoint.com"}