Sensitive Key Material Logging in Unisys Stealth Software
CVE-2019-18193

7.5HIGH

Key Information:

Vendor: Unisys
Status: Stealth
Vendor: CVE Published:; 3 February 2020

What is CVE-2019-18193?

In Unisys Stealth versions 3.4.108.0, 3.4.209.x, 4.0.027.x, and 4.0.114, a vulnerability exists where sensitive key material may be inadvertently logged under specific conditions. This logging could potentially expose critical security information to unauthorized access. The issue was resolved in subsequent releases including 3.4.109, 4.0.027.13, 4.0.125, and 5.0.013.0, emphasizing the importance of upgrading to maintain optimal security.

References

https://www.unisys.com/offerings/security-solutions/unisy...

x_refsource_MISC

https://public.support.unisys.com/common/public/vulnerabi...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 3, 2020
Vulnerability Reserved
Oct 17, 2019

CVE-2019-18193 Data

JSON