CVE-2019-7312 - OpenCVE

Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac before 1.0.199, Zed Pro for Linux before 1.0.199, Zed Free for Windows before 1.0.195, Zed Free for Mac before 1.0.199, and Zed Free for Linux before 1.0.199. Analyzing a Zed container can lead to the disclosure of plaintext content of very small files (a few bytes) stored into it.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Primx	Zed Zedmail Zonecentral

Configuration 1 [-]

OR	cpe:2.3:a:primx:zed:::::free:windows::
	cpe:2.3:a:primx:zed:::::pro:windows::
	cpe:2.3:a:primx:zed:::::free:linux::
	cpe:2.3:a:primx:zed:::::free:mac::
	cpe:2.3:a:primx:zed:::::pro:linux::
	cpe:2.3:a:primx:zed:::::pro:mac::
	cpe:2.3:a:primx:zed:::::entreprise:linux::
	cpe:2.3:a:primx:zed:::::entreprise:mac::
	cpe:2.3:a:primx:zed:::::entreprise:windows::
	cpe:2.3:a:primx:zedmail::::::windows::*
	cpe:2.3:a:primx:zonecentral::::::windows::*

No data.

References

Link	Providers
https://www.primx.eu/en/bulletins/security-bulletin-19110545

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-02-03T08:00:00Z

Updated: 2024-09-17T01:21:55.524Z

Reserved: 2019-02-03T00:00:00Z

Link: CVE-2019-7312

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-02-03T08:29:00.293

Modified: 2019-02-26T16:19:38.243

Link: CVE-2019-7312

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac before 1.0.199, Zed Pro for Linux before 1.0.199, Zed Free for Windows before 1.0.195, Zed Free for Mac before 1.0.199, and Zed Free for Linux before 1.0.199. Analyzing a Zed container can lead to the disclosure of plaintext content of very small files (a few bytes) stored into it."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-02-03T08:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.primx.eu/en/bulletins/security-bulletin-19110545"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-7312", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac before 1.0.199, Zed Pro for Linux before 1.0.199, Zed Free for Windows before 1.0.195, Zed Free for Mac before 1.0.199, and Zed Free for Linux before 1.0.199. Analyzing a Zed container can lead to the disclosure of plaintext content of very small files (a few bytes) stored into it."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.primx.eu/en/bulletins/security-bulletin-19110545", "refsource": "MISC", "url": "https://www.primx.eu/en/bulletins/security-bulletin-19110545"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:46:45.914Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.primx.eu/en/bulletins/security-bulletin-19110545"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-7312", "datePublished": "2019-02-03T08:00:00Z", "dateReserved": "2019-02-03T00:00:00Z", "dateUpdated": "2024-09-17T01:21:55.524Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:primx:zed:*:*:*:*:free:windows:*:*", "matchCriteriaId": "4DC7B453-8DA5-4764-A4FD-77FB06E98737", "versionEndExcluding": "1.0.195", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zed:*:*:*:*:pro:windows:*:*", "matchCriteriaId": "A5C990BE-473E-4471-BECE-210902EF8F04", "versionEndExcluding": "1.0.195", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zed:*:*:*:*:free:linux:*:*", "matchCriteriaId": "60B2C638-AD0A-4C93-ACA3-1BDAC971F2E1", "versionEndExcluding": "1.0.199", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zed:*:*:*:*:free:mac:*:*", "matchCriteriaId": "93EA97A8-DD10-4F1C-9356-BDB503B6AE91", "versionEndExcluding": "1.0.199", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zed:*:*:*:*:pro:linux:*:*", "matchCriteriaId": "E4086B4A-B6C4-4EE2-8A69-DFDBC9DA6D03", "versionEndExcluding": "1.0.199", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zed:*:*:*:*:pro:mac:*:*", "matchCriteriaId": "D45A9E55-703D-4A17-8EAE-B96B91DF2D1A", "versionEndExcluding": "1.0.199", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zed:*:*:*:*:entreprise:linux:*:*", "matchCriteriaId": "DFD43D83-1DBF-4F41-90CA-585109597003", "versionEndExcluding": "2.0.199", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zed:*:*:*:*:entreprise:mac:*:*", "matchCriteriaId": "F8EAE130-AE29-48FB-A156-C1E1D8C176C6", "versionEndExcluding": "2.0.199", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zed:*:*:*:*:entreprise:windows:*:*", "matchCriteriaId": "64372E28-DDC9-4DFC-AF2F-B46CBF74E066", "versionEndExcluding": "6.1.2240", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zedmail:*:*:*:*:*:windows:*:*", "matchCriteriaId": "9AC207CC-0888-47ED-A8EE-260D1C71BF33", "versionEndExcluding": "6.1.2240", "vulnerable": true}, {"criteria": "cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*", "matchCriteriaId": "CCA5A62E-8D4C-4BD5-9AB0-9CAB5DABFE28", "versionEndExcluding": "6.1.2240", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac before 1.0.199, Zed Pro for Linux before 1.0.199, Zed Free for Windows before 1.0.195, Zed Free for Mac before 1.0.199, and Zed Free for Linux before 1.0.199. Analyzing a Zed container can lead to the disclosure of plaintext content of very small files (a few bytes) stored into it."}, {"lang": "es", "value": "Existe la divulgaci\u00f3n de texto plano limitada en PRIMX Zed Entreprise para Windows, en versiones anteriores a la 6.1.2240, en Zed Entreprise para Windows [env\u00edo de calificaci\u00f3n ANSSI] en versiones anteriores a la 6.1.2150, en Zed Entreprise para Mac en versiones 2.0.199, en Zed Entreprise para Linux en versiones 2.0.199, en Zed Pro para Windows en versiones anteriores a la 1.0.195, en Zed Pro para Mac en versiones anteriores a la 1.0.199, en Zed Pro para Linux en versiones anteriores a la 1.0.199, en Zed Free para Windows en versiones anteriores a la 1.0.195, en Zed Free para Mac en versiones anteriores a la 1.0.199 y en Zed Free para Linux en versiones anteriores a la 1.0.199. El an\u00e1lisis de un contenedor Zed puede conducir a la divulgaci\u00f3n del contenido de texto plano de archivos muy peque\u00f1os (unos pocos bytes) almacenados en dicho contenedor."}], "id": "CVE-2019-7312", "lastModified": "2019-02-26T16:19:38.243", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-02-03T08:29:00.293", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.primx.eu/en/bulletins/security-bulletin-19110545"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}