CVE-2019-7312 Information

Feb 14, 2021 cve

Description

Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240 Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150 Zed Entreprise for Mac before 2.0.199 Zed Entreprise for Linux before 2.0.199 Zed Pro for Windows before 1.0.195 Zed Pro for Mac before 1.0.199 Zed Pro for Linux before 1.0.199 Zed Free for Windows before 1.0.195 Zed Free for Mac before 1.0.199 and Zed Free for Linux before 1.0.199. Analyzing a Zed container can lead to the disclosure of plaintext content of very small files (a few bytes) stored into it.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Reference

https://www.primx.eu/en/bulletins/security-bulletin-19110545

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

NONE

Base Severity

5.3

Share on: