CVE-2019-11856: ALEOS ACEView Message Replay

First published: Fri Aug 21 2020(Updated: )

A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. Captured traffic to the ACEView service can be replayed to other gateways sharing the same credentials.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/weakness
• agent/severity
• agent/author
• agent/references
• agent/title
• agent/description
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/first-publish-date
• agent/event
• agent/source
• agent/softwarecombine
• agent/tags
• collector/nvd-index
• agent/software-canonical-lookup-request
• vendor/sierrawireless
• canonical/sierra wireless aleos
• version/sierra wireless aleos/4.12.0
• canonical/sierra wireless airlink router (mp70, rv50, rv50x, rv55, lx 40, lx60) running aleos software
• canonical/sierra wireless airlink lx60
• canonical/sierra wireless airlink mp70
• canonical/sierra wireless airlink mp70e
• canonical/sierra wireless airlink rv50
• version/sierra wireless aleos/4.9.4
• canonical/sierra wireless airlink es450
• canonical/sierra wireless airlink gx450
• version/sierra wireless aleos/4.4.8
• canonical/sierra wireless airlink es440
• canonical/sierra wireless airlink gx400
• canonical/sierra wireless gx440
• canonical/sierra wireless airlink ls300