Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-14899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a...

7.4CVSS7.3AI score0.00838EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.52 views

K11155549: IPSEC vulnerability CVE-2019-14899

Security Advisory Description A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine...

7.4CVSS7.5AI score0.00838EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.3 views

SUSE CVE-2019-14899

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and...

7.4CVSS7.5AI score0.00838EPSS
Exploits0References4
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.11 views

SA44328 - 2019-12: Out-of-Cycle Advisory: Vulnerability could allow attackers to sniff or hijack VPN Connections (CVE-2019-14899)

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This advisory provides information about recently discovered vulnerability CVE-2019-14899. The flaw could be exploited by an attacker who shares the same network segment with the target...

7.4CVSS6AI score0.00838EPSS
Exploits0
CVE
CVE
added 2019/12/11 2:45 p.m.219 views

CVE-2019-14899

CVE-2019-14899 is a routing-path/kernel issue affecting macOS (and cited across Linux, FreeBSD, OpenBSD, iOS, Android). The root cause is a VPN-tunnel routing problem that allows a local/adjacent attacker to inject into active VPN connections, enabling data injection and potential VPN hijacking. ...

7.4CVSS7.3AI score0.00838EPSS
Exploits0References15Affected Software3
CheckPoint Security
CheckPoint Security
added 2019/12/11 5:0 a.m.27 views

Check Point Response to CVE-2019-14899 (Inferring and hijacking VPN-tunneled TCP connections)

...

4.9CVSS0.5AI score0.00838EPSS
Exploits0Affected Software6
ThreatPost
ThreatPost
added 2019/12/06 4:54 p.m.106 views

Linux Bug Opens Most VPNs to Hijacking

A vulnerability in most Linux distros has been uncovered that allows a network-adjacent attacker to hijack VPN connections and inject rogue data into the secure tunnels that victims are using to communicate with remote servers. According to researchers at University of New Mexico and Breakpointin...

4.9CVSS0.6AI score0.00838EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2019/12/06 11:2 a.m.145 views

New Linux Bug Lets Attackers Hijack Encrypted VPN Connections

A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The...

7.4CVSS0.7AI score0.00838EPSS
Exploits0
Symantec
Symantec
added 2019/12/04 12:0 a.m.133 views

Multiple Linux Distributions CVE-2019-14899 Security Bypass Vulnerability

Description Multiple Linux Distributions are prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Apple iOS Apple macOS Archlinux Linux 2019.05...

1.5AI score0.00838EPSS
Exploits0References7Affected Software5
Rows per page
Query Builder