Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 Incorrect Type Conversion or Cast Vulnerability

Summary

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database.

Credit:

The information has been provided by Vendor

The original article can be found at:https://support.forcepoint.com/KBArticle?id=000017918


Details

When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable.

 

Vulnerable Systems:

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.7.1

 

CVE Information:

CVE-2019-6147

 

Disclosure Timeline:
Published Date:12/23/2019

Categories: FeaturedNews