Vulnerability Details CVE-2019-8282
Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.1%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 2.6
Products affected by CVE-2019-8282
-
cpe:2.3:a:gemalto:sentinel_ldk:6.22
-
cpe:2.3:a:gemalto:sentinel_ldk:6.23
-
cpe:2.3:a:gemalto:sentinel_ldk:6.25
-
cpe:2.3:a:gemalto:sentinel_ldk:6.27
-
cpe:2.3:a:gemalto:sentinel_ldk:6.50
-
cpe:2.3:a:gemalto:sentinel_ldk:6.55
-
cpe:2.3:a:gemalto:sentinel_ldk:6.56
-
cpe:2.3:a:gemalto:sentinel_ldk:6.60
-
cpe:2.3:a:gemalto:sentinel_ldk:6.61
-
cpe:2.3:a:gemalto:sentinel_ldk:6.62
-
cpe:2.3:a:gemalto:sentinel_ldk:6.63
-
cpe:2.3:a:gemalto:sentinel_ldk:6.64
-
cpe:2.3:a:gemalto:sentinel_ldk:6.65
-
cpe:2.3:a:gemalto:sentinel_ldk:7.32
-
cpe:2.3:a:gemalto:sentinel_ldk:7.40
-
cpe:2.3:a:gemalto:sentinel_ldk:7.41
-
cpe:2.3:a:gemalto:sentinel_ldk:7.50
-
cpe:2.3:a:gemalto:sentinel_ldk:7.51
-
cpe:2.3:a:gemalto:sentinel_ldk:7.52
-
cpe:2.3:a:gemalto:sentinel_ldk:7.53
-
cpe:2.3:a:gemalto:sentinel_ldk:7.54
-
cpe:2.3:a:gemalto:sentinel_ldk:7.55
-
cpe:2.3:a:gemalto:sentinel_ldk:7.60
-
cpe:2.3:a:gemalto:sentinel_ldk:7.61
-
cpe:2.3:a:gemalto:sentinel_ldk:7.63
-
cpe:2.3:a:gemalto:sentinel_ldk:7.65
-
cpe:2.3:a:gemalto:sentinel_ldk:7.66
-
cpe:2.3:a:gemalto:sentinel_ldk:7.80
-
cpe:2.3:a:gemalto:sentinel_ldk:7.81
-
cpe:2.3:a:gemalto:sentinel_ldk:7.90
-
cpe:2.3:a:gemalto:sentinel_ldk:7.91