Vulnerabilities (CVE)

Filtered by vendor Gemalto Subscribe
Filtered by product Sentinel Ldk
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-8283 1 Gemalto 1 Sentinel Ldk 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.
CVE-2019-8282 1 Gemalto 1 Sentinel Ldk 2024-11-21 2.6 LOW 5.3 MEDIUM
Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one.