Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on FUID versions 1.2 and below, apply local firewall rules on the FUID server to disable all external access to port TCP/5001. FUID requires this port only for local connections through the loopback interface.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Forcepoint |
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2019-15706 | Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on FUID versions 1.2 and below, apply local firewall rules on the FUID server to disable all external access to port TCP/5001. FUID requires this port only for local connections through the loopback interface. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://help.forcepoint.com/security/CVE/CVE-2019-6139.html |
|
History
No history.
MITRE
Status: PUBLISHED
Assigner: forcepoint
Published:
Updated: 2024-09-17T02:46:31.626Z
Reserved: 2019-01-11T00:00:00
Link: CVE-2019-6139
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-02-07T23:29:00.197
Modified: 2024-11-21T04:46:01.257
Link: CVE-2019-6139
Redhat
No data.
OpenCVE Enrichment
No data.