CVE-2019-6147

The CVE-2019-6147 entry affects Forcepoint NGFW Security Management Center (SMC) versions older than 6.5.12 and 6.7.1. The issue is a rare data-corruption of the internal configuration database, which can lead the SMC to generate an incorrect IPsec configuration for Forcepoint NGFW. Consequences ...

Forcepoint Email Security Detection (HTTP)

HTTP based detection of Forcepoint Email Security. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Forcepoint Email Security Cross-Site Scripting Vulnerability

Forcepoint Email Security is a suite of email protection solutions from US-based Forcepoint. The product includes features such as spam filtering, malware detection, phishing protection, and protection against intrusion BEC attacks. A cross-site scripting vulnerability exists in Forcepoint Email...

CVE-2019-6142

It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue...

CVE-2019-6142

It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue...

Design/Logic Flaw

It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue...

CVE-2019-6142

The CVE-2019-6142 entry concerns Forcepoint Email Security, specifically versions 8.5 through 8.5.3, where a cross-site scripting (XSS) vulnerability exists. The connected documents describe a web-application flaw that lacks proper validation of client-side data, enabling potential client-side co...

CVE-2019-6142

It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue...

PT-2019-17977 · Forcepoint · Forcepoint Email Security

Name of the Vulnerable Software and Affected Versions: Forcepoint Email Security versions 8.5 through 8.5.3 Description: A reported issue allows for cross-site scripting XSS in the software. Recommendations: For Forcepoint Email Security versions 8.5 through 8.5.3, apply the relevant hotfix to...

CVE-2019-6144

This vulnerability allows a normal non-admin user to disable the Forcepoint One Endpoint versions 19.04 through 19.08 and bypass DLP and Web protection...

CVE-2019-6144

This vulnerability allows a normal non-admin user to disable the Forcepoint One Endpoint versions 19.04 through 19.08 and bypass DLP and Web protection...

Design/Logic Flaw

This vulnerability allows a normal non-admin user to disable the Forcepoint One Endpoint versions 19.04 through 19.08 and bypass DLP and Web protection...

CVE-2019-6144

CVE-2019-6144 affects Forcepoint One Endpoint (versions 19.04–19.08); a non-admin user can disable the endpoint and bypass DLP and Web protection. The description indicates loss of protection for those versions; no root-cause or remediation details are provided in the documents.

CVE-2019-6144

This vulnerability allows a normal non-admin user to disable the Forcepoint One Endpoint versions 19.04 through 19.08 and bypass DLP and Web protection...

CVE-2019-6145

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach La...

CVE-2019-6145

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach La...

Design/Logic Flaw

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach La...

CVE-2019-6145

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach La...

CVE-2019-6145

CVE-2019-6145 affects Forcepoint VPN Client for Windows versions before 6.6.1. The flaw is an unquoted search path that can be exploited locally to escalate privileges to NT AUTHORITY\SYSTEM. It relies on an attacker having local access with write permissions to two locations: C:\Program.exe and ...

Forcepoint VPN Client is Vulnerable to Privilege Escalation Attacks

A vulnerability has been discovered in the Forcepoint VPN Client software for Windows. The flaw could enable an attacker – with an existing foothold on a system – to achieve an escalation of privilege, persistence and in some cases defense evasion. The vulnerability CVE-2019-6145 stems from an...