Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Forcepoint Next Generation Firewall 授权问题漏洞
Vulnerability Description
Forcepoint Next Generation Firewall(NGFW)是美国Forcepoint公司的一款下一代防火墙产品。 Forcepoint NGFW 6.4.7之前的6.4.x版本、6.5.4之前的6.5.x版本和6.6.2之前的6.6.x版本中的IPsec VPN SSL VPN或基于浏览器的用户身份验证功能存在授权问题漏洞。攻击者可利用该漏洞绕过密码验证并访问NGFW Engine所保护的服务。
CVSS Information
N/A
Vulnerability Type
N/A