CVE-2019-6139

Published: Feb 7, 2019

Modified: Sep 17, 2024

PUBLISHED

Description

Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on FUID versions 1.2 and below, apply local firewall rules on the FUID server to disable all external access to port TCP/5001. FUID requires this port only for local connections through the loopback interface.

Vendor	Product	Versions
Forcepoint .	Forcepoint User ID (FUID) server	affected `Forcepoint User ID (FUID) server versions up to 1.2`

References

https://help.forcepoint.com/security/CVE/CVE-2019-6139.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-6139

Description

Affected Products

References