{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T05:34:35.352","vulnerabilities":[{"cve":{"id":"CVE-2019-12091","sourceIdentifier":"cert@airbus.com","published":"2019-09-26T16:15:11.003","lastModified":"2024-11-21T04:22:11.063","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from command injection vulnerability. Local users can use this vulnerability to execute code with NT\\SYSTEM privilege."},{"lang":"es","value":"El servicio cliente Netskope, v57 versiones anteriores a 57.2.0.219 y v60 versiones anteriores a 60.2.0.214, ejecutado con privilegio NT\\SYSTEM, acepta conexiones de red de localhost. La función de manejo de conexión en este servicio sufre de vulnerabilidad de inyección de comando. Los usuarios locales pueden usar esta vulnerabilidad para ejecutar código con privilegio NT\\SYSTEM."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"cert@airbus.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cert@airbus.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netskope:netskope:*:*:*:*:*:*:*:*","versionStartIncluding":"57","versionEndExcluding":"57.2.0.219","matchCriteriaId":"94CF3012-E3FF-4A01-88AF-7FA7A07BCEE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:netskope:netskope:*:*:*:*:*:*:*:*","versionStartIncluding":"60","versionEndExcluding":"60.2.0.214","matchCriteriaId":"631CEBA0-B147-4A43-8DE7-C7B10E5799E7"}]}]}],"references":[{"url":"https://airbus-seclab.github.io/advisories/netskope.html","source":"cert@airbus.com","tags":["Third Party Advisory"]},{"url":"https://support.netskope.com/hc/article_attachments/360033003553/Sprint_62_Release_Notes.pdf","source":"cert@airbus.com","tags":["Permissions Required","Release Notes","Vendor Advisory"]},{"url":"https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client","source":"cert@airbus.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://airbus-seclab.github.io/advisories/netskope.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://support.netskope.com/hc/article_attachments/360033003553/Sprint_62_Release_Notes.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Release Notes","Vendor Advisory"]},{"url":"https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]}]}}]}