Lucene search

[email protected]CVE-2019-18386

HistoryJan 07, 2020 - 7:15 p.m.

CVE-2019-18386

2020-01-0719:15:10

[email protected]

web.nvd.nist.gov

cve-2019-18386

unisys

clearpath

forward libra

mcp software

vulnerability

systems management

communication channel

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

8.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.6%

JSON

Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel

Affected configurations

NVD

Node

unisysmcp_firmware

CPENameOperatorVersion
unisys:mcp_firmwareunisys mcp firmwareeq*

CPE	Name	Operator	Version
unisys:mcp_firmware	unisys mcp firmware	eq	*

References

public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=53

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

8.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.6%

JSON

Related for CVE-2019-18386

cvelist1 prion1 nvd1