CVE-2019-8282

Summary

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one.

Affected Software

VendorProductVersion RangeStatus
n/aSentinel LDK RTE7.91affected

Weaknesses

  • CWE-300: CWE-300: Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

ADP Enrichment

CVE Program Container

Additional References

References