Lucene search

[email protected]CVE-2019-13163

HistoryFeb 07, 2020 - 11:15 p.m.

CVE-2019-13163

2020-02-0723:15:00

CWE-326

[email protected]

web.nvd.nist.gov

146

fujitsu

tls library

vulnerability

man-in-the-middle attack

interstage

nvd

cve-2019-13163

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

47.6%

JSON

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15.

CPENameOperatorVersion
fujitsu:gp7000f_firmwarefujitsu gp7000f firmwareeq-
fujitsu:primepower_firmwarefujitsu primepower firmwareeq-
fujitsu:gps_firmwarefujitsu gps firmwareeq-
fujitsu:sparc_enterprise_m3000_firmwarefujitsu sparc enterprise m3000 firmwareeq-
fujitsu:sparc_enterprise_m4000_firmwarefujitsu sparc enterprise m4000 firmwareeq-
fujitsu:sparc_enterprise_m5000_firmwarefujitsu sparc enterprise m5000 firmwareeq-
fujitsu:sparc_enterprise_m8000_firmwarefujitsu sparc enterprise m8000 firmwareeq-
fujitsu:sparc_enterprise_m9000_firmwarefujitsu sparc enterprise m9000 firmwareeq-
fujitsu:sparc_m12-1_firmwarefujitsu sparc m12-1 firmwareeq-
fujitsu:sparc_m12-2_firmwarefujitsu sparc m12-2 firmwareeq-

CPE	Name	Operator	Version
fujitsu:gp7000f_firmware	fujitsu gp7000f firmware	eq	-
fujitsu:primepower_firmware	fujitsu primepower firmware	eq	-
fujitsu:gps_firmware	fujitsu gps firmware	eq	-
fujitsu:sparc_enterprise_m3000_firmware	fujitsu sparc enterprise m3000 firmware	eq	-
fujitsu:sparc_enterprise_m4000_firmware	fujitsu sparc enterprise m4000 firmware	eq	-
fujitsu:sparc_enterprise_m5000_firmware	fujitsu sparc enterprise m5000 firmware	eq	-
fujitsu:sparc_enterprise_m8000_firmware	fujitsu sparc enterprise m8000 firmware	eq	-
fujitsu:sparc_enterprise_m9000_firmware	fujitsu sparc enterprise m9000 firmware	eq	-
fujitsu:sparc_m12-1_firmware	fujitsu sparc m12-1 firmware	eq	-
fujitsu:sparc_m12-2_firmware	fujitsu sparc m12-2 firmware	eq	-

Rows per page:

1-10 of 1781

References

www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

47.6%

JSON

Related for CVE-2019-13163

cvelist1 prion1