CVE-2019-6140

A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state if the hybrid registration process is not completed.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
forcepointCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
forcepointemail_security
8.5 ≤
𝑥
≤ 8.5.3
forcepointemail_security
8.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://help.forcepoint.com/security/CVE/CVE-2019-6140.html
https://help.forcepoint.com/security/CVE/CVE-2019-6140.html