Lucene search

MitreCVE-2019-18386

HistoryJan 07, 2020 - 7:15 p.m.

CVE-2019-18386

2020-01-0719:15:10

mitre

web.nvd.nist.gov

cve-2019-18386

unisys

clearpath

forward libra

mcp software

vulnerability

systems management

communication channel

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

8.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

AI Score

8.5

Confidence

High

EPSS

0.001

Percentile

42.5%

JSON

Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel

Affected configurations

Nvd

Node

unisysmcp_firmware

VendorProductVersionCPE
unisysmcp_firmware*cpe:2.3:o:unisys:mcp_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
unisys	mcp_firmware	*	cpe:2.3:o:unisys:mcp_firmware::::::::

References

public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=53

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

8.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

AI Score

8.5

Confidence

High

EPSS

0.001

Percentile

42.5%

JSON

Related for CVE-2019-18386