CVE-2019-8282

Severity CVSS v4.0:
Pending analysis
Type:
CWE-300 Channel Accessible by Non-Endpoint
Publication date:
07/06/2019
Last modified:
17/06/2026

Description

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:gemalto:sentinel_ldk:*:*:*:*:*:*:*:* 7.92 (excluding)