← Back

Sentinel Ldk

sentinel_ldk

Vendor: Gemalto • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-8283
1Gemalto
1Sentinel Ldk
Nov 21, 2024
Jun 7, 2019
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.
CVE-2019-8282
1Gemalto
1Sentinel Ldk
Nov 21, 2024
Jun 7, 2019
N/A· v4
5.3 MEDIUM· v3
2.6 LOW· v2
Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace orig...Show more
Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one.Show less