CVE-2019-6716
high-risk
Published 2019-03-21
An unauthenticated Insecure Direct Object Reference (IDOR) in Wicket Core in LogonBox Nervepoint Access Manager 2013 through 2017 allows a remote attacker to enumerate internal Active Directory usernames and group names, and alter back-end server jobs (backup and synchronization jobs), which could allow for the possibility of a Denial of Service attack via a modified jobId parameter in a runJob.html GET request.
Do I need to act?
3.0% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
Not on CISA KEV list
No confirmed active exploitation reported to CISA
1 public exploit available
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 9.4/10
Critical
NETWORK / LOW complexity
Affected Products (20)
Nervepoint Access Manager
Affected Vendors
References (6)
Third Party Advisory
http://packetstormsecurity.com/files/151373/LongBox-Limited-Access-Manager-Insec...
Third Party Advisory
https://www.exploit-db.com/exploits/46254/
Product
https://www.logonbox.com/en/
57 / 100
high-risk
Severity
31/34 · Critical
Exploitability
6/34 · Minimal
Exposure
20/34 · Moderate