CVE-2019-8282

2019-06-0714:21:01

CWE-300

Kaspersky

www.cve.org

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.7%

JSON

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one.

CNA Affected

[
  {
    "product": "Sentinel LDK RTE",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "7.91"
      }
    ]
  }
]

References

ics-cert.kaspersky.com/advisories/klcert-advisories/2019/06/05/klcert-19-029-gemalto-admin-control-center-uses-cleartext-communication-with-www3-safenet-inc-com/