257 matches found
PT-2024-14961 · Forcepoint · Forcepoint Web Security
Name of the Vulnerable Software and Affected Versions: Forcepoint Web Security versions prior to 8.5.6 Description: The Forcepoint Web Security portal allows administrators to generate detailed reports on user requests made through the Web proxy. It has been determined that the user agent field i...
Unable to add store to Citrix Workspace App for Windows when Forcepoint agent is installed
When adding a StoreFront store to Citrix Workspace App for Windows, the Google multi-factor authentication page does not load correctly if Forcepoint agent is installed. The authentication form only partially loads. Without Forcepoint agent, the problem disappears...
The vulnerability of the SMC Downloads function in the Forcepoint NGFW Security Management Center web application allows attackers to execute cross-site scripting attacks.
The vulnerability of the SMC Downloads function in the Forcepoint NGFW Security Management Center web application relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site attacks...
CVE-2023-5451
Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Next...
Cross site scripting
Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Next...
CVE-2023-5451
Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Next...
CVE-2023-5451
The issue is a Reflected XSS vulnerability in Forcepoint Next Generation Firewall Security Management Center (SMC Downloads feature). Affects NGFW SMC downloads path, with improper neutralization of input during web page generation. Impact is reflected XSS that could affect users visiting crafted...
CVE-2023-5451
Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Next...
Forcepoint Next Generation Firewall Security Vulnerability
Forcepoint Next Generation Firewall NGFW is a next-generation firewall product from Forcepoint Corporation. A security vulnerability exists in Forcepoint Next Generation Firewall Security Management Center versions prior to 6.10.13, 6.11.0 through 7.1.2, which stems from the presence of a reflect...
PT-2024-2602 · Forcepoint · Forcepoint Next Generation Firewall Security Management Center
Name of the Vulnerable Software and Affected Versions: Forcepoint Next Generation Firewall Security Management Center versions prior to 6.10.13 Forcepoint Next Generation Firewall Security Management Center versions 6.11.0 through 7.1.2 Description: The issue is related to improper neutralization...
CVE-2023-1705
Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows bgAutoinstaller service modules allows Privilege Escalation, Functionality Bypass.This issue affects F|One SmartEdge Agent: before 1.7.0.230330-554...
CVE-2023-1705
Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows bgAutoinstaller service modules allows Privilege Escalation, Functionality Bypass.This issue affects F|One SmartEdge Agent: before 1.7.0.230330-554...
Authorization
Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows bgAutoinstaller service modules allows Privilege Escalation, Functionality Bypass.This issue affects F|One SmartEdge Agent: before 1.7.0.230330-554...
CVE-2023-1705
Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows bgAutoinstaller service modules allows Privilege Escalation, Functionality Bypass.This issue affects F|One SmartEdge Agent: before 1.7.0.230330-554...
CVE-2023-1705
Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows bgAutoinstaller service modules allows Privilege Escalation, Functionality Bypass.This issue affects F|One SmartEdge Agent: before 1.7.0.230330-554...
CVE-2023-1705
The CVE-2023-1705 issue affects Forcepoint F|One SmartEdge Agent on Windows, specifically the bgAutoinstaller service modules, and is described across multiple sources as a Missing Authorization vulnerability that enables Privilege Escalation and a Functionality Bypass. Affected versions are prio...
Forcepoint One SmartEdge Agent Security Vulnerability
Forcepoint One SmartEdge Agent is an endpoint security agent from Forcepoint that can be used to protect user devices from a variety of cyber threats and data leaks. A security vulnerability exists in Forcepoint One SmartEdge Agent versions prior to 1.7.0.230330-554, which stems from a lack of...
PT-2024-11942 · Forcepoint · Forcepoint F|One Smartedge Agent
Name of the Vulnerable Software and Affected Versions: Forcepoint F|One SmartEdge Agent versions prior to 1.7.0.230330-554 Description: The issue is related to a Missing Authorization vulnerability in the bgAutoinstaller service modules of Forcepoint F|One SmartEdge Agent on Windows, allowing...
CVE-2023-2080
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Forcepoint Cloud Security Gateway CSG Portal on Web Cloud Security Gateway, Email Security Cloud allows Blind SQL Injection...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Forcepoint Cloud Security Gateway CSG Portal on Web Cloud Security Gateway, Email Security Cloud allows Blind SQL Injection...