CVE-2019-13163 — MEDIUM (5.9)

Vulnerability Description

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Fujitsu	Gp7000F Firmware	-
Fujitsu	Gp7000F	-
Fujitsu	Primepower Firmware	-
Fujitsu	Primepower	-
Fujitsu	Gps Firmware	-
Fujitsu	Gps	-
Fujitsu	Sparc Enterprise M3000 Firmware	-
Fujitsu	Sparc Enterprise M3000	-
Fujitsu	Sparc Enterprise M4000 Firmware	-
Fujitsu	Sparc Enterprise M4000	-
Fujitsu	Sparc Enterprise M5000 Firmware	-
Fujitsu	Sparc Enterprise M5000	-
Fujitsu	Sparc Enterprise M8000 Firmware	-
Fujitsu	Sparc Enterprise M8000	-
Fujitsu	Sparc Enterprise M9000 Firmware	-
Fujitsu	Sparc Enterprise M9000	-
Fujitsu	Sparc M12-1 Firmware	-
Fujitsu	Sparc M12-1	-
Fujitsu	Sparc M12-2 Firmware	-
Fujitsu	Sparc M12-2	-

Related Weaknesses (CWE)

CWE-326

References

https://www.fujitsu.com/jp/products/software/resources/condition/security/producVendor Advisory
https://www.fujitsu.com/jp/products/software/resources/condition/security/producVendor Advisory

FAQ

What is CVE-2019-13163?

CVE-2019-13163 is a vulnerability with a CVSS score of 5.9 (MEDIUM). The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, I...

How severe is CVE-2019-13163?

CVE-2019-13163 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-13163?

Check the references section above for vendor advisories and patch information. Affected products include: Fujitsu Gp7000F Firmware, Fujitsu Gp7000F, Fujitsu Primepower Firmware, Fujitsu Primepower, Fujitsu Gps Firmware.