Security Advisory: Database corruption vulnerability in Forcepoint NGFW Security Management Center (SMC) (CVE-2019-6147)

Summary

This security advisory describes the database corruption vulnerability (CVE-2019-6147) and its potential effect on Forcepoint products.

Information

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected.

All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable.

Forcepoint has reserved CVE-2019-6147 to identify and track this issue with an assigned CVSSv3 Base Score of 4.8 (Medium). [CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N]

Forcepoint thanks Rhys Postlethwaite from Shelde Pty Ltd for finding and reporting this issue.

Resolution

To fix this vulnerability, upgrade to SMC 6.5.12 or 6.7.1 or higher.

SMC 6.7.1 was released on 5th December, 2019. SMC 6.5.12 was released in January 2020.