1. Home
  2. CVE Database
  3. CVE-2019-11862
HIGH · 8.1

CVE-2019-11862

The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying.

Vulnerability Description

The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
SierrawirelessAleos< 4.4.9
SierrawirelessAirlink Es440-
SierrawirelessAirlink Es450-
SierrawirelessAirlink Gx400-
SierrawirelessAirlink Gx440-
SierrawirelessAirlink Gx450-
SierrawirelessAirlink Ls300-
SierrawirelessAirlink Lx40-
SierrawirelessAirlink Lx60-
SierrawirelessAirlink Mp70-
SierrawirelessAirlink Mp70E-
SierrawirelessAirlink Rv50-
SierrawirelessAirlink Rv50X-

References

FAQ

What is CVE-2019-11862?

CVE-2019-11862 is a vulnerability with a CVSS score of 8.1 (HIGH). The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying.

How severe is CVE-2019-11862?

CVE-2019-11862 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-11862?

Check the references section above for vendor advisories and patch information. Affected products include: Sierrawireless Aleos, Sierrawireless Airlink Es440, Sierrawireless Airlink Es450, Sierrawireless Airlink Gx400, Sierrawireless Airlink Gx440.