CVE-2019-13163

MEDIUM

Fujitsu TLS Library - Inadequate Encryption Strength

Title source: llm

Description

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html

Scores

CVSS v3 5.9

EPSS 0.0060

EPSS Percentile 43.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-326

Status published

Products (30)

fujitsu/celsius_firmware

fujitsu/gp7000f_firmware

fujitsu/gps_firmware

fujitsu/granpower_5000_firmware

fujitsu/interstage_application_development_cycle_manager 10.0

fujitsu/interstage_application_development_cycle_manager 10.0a

fujitsu/interstage_application_development_cycle_manager 10.1 (2 CPE variants)

fujitsu/interstage_application_development_cycle_manager 10.1.1 (2 CPE variants)

fujitsu/interstage_application_development_cycle_manager 10.2 (2 CPE variants)

fujitsu/interstage_application_development_cycle_manager 10.3 (2 CPE variants)

... and 20 more

Published Feb 07, 2020

Tracked Since Feb 18, 2026