SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2019-6534

The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:		CVSS V2 Severity:
CVSS Score : 7.8		CVSS Score : 6.8
Exploit Score: 1.8		Exploit Score: 8.6
Impact Score: 5.9		Impact Score: 6.4

CVSS V3 Metrics:		CVSS V2 Metrics:
Attack Vector: LOCAL		Access Vector: NETWORK
Attack Complexity: LOW		Access Complexity: MEDIUM
Privileges Required: NONE		Authentication: NONE
User Interaction: REQUIRED		Confidentiality: PARTIAL
Scope: UNCHANGED		Integrity: PARTIAL
Confidentiality: HIGH		Availability: PARTIAL
Integrity: HIGH
Availability: HIGH

Reference:

https://ics-cert.us-cert.gov/advisories/ICSA-19-073-02

https://ics-cert.us-cert.gov/advisories/ICSA-19-078-01

https://supportportal.gemalto.com/csm?id=kb_article_view&sysparm_article=KB0017694

https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec131.pdf


30480



423868



253164



909



197077



282