QwikSec

Security Database

CVE

CWE

Training

CVE-2019-8282

Published: Jun 7, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one.

Vendor	Product	Versions
n/a	Sentinel LDK RTE	affected `7.91`

Weaknesses (CWE)

References

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/06/05/klcert-19-029-gemalto-admin-control-center-uses-cleartext-communication-with-www3-safenet-inc-com/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.