CVE-2019-11989

5.9MEDIUM

Key Information:

Vendor: HP
Status: Icewall Sso Agent Option; HPe Icewall Mfa 4.0ee Mfa. Server Ltu; HPe Icewall.mfa4.0se Mfa. Server Ltu
Vendor: CVE Published:; 19 July 2019

Summary

A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, 10.0 for Apache 2.4 on HP-UX 11i v3, 10.0 for IIS on Windows, 11.0 for Apache 2.4 on RHEL 7, MFA Proxy 4.0 (Agent module only) for Apache 2.4 on RHEL 7.

Affected Version(s)

IceWall SSO Agent Option; HPE IceWall MFA 4.0EE MFA. Server LTU; HPE IceWall.MFA4.0SE MFA. Server LTU Server LTU,10.0 (RHEL, HP-UX, Windows) and 11.0 (RHEL)

IceWall SSO Agent Option; HPE IceWall MFA 4.0EE MFA. Server LTU; HPE IceWall.MFA4.0SE MFA. Server LTU (MFA Proxy)

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2019
Vulnerability Reserved
May 13, 2019