CVE-2019-11856: ALEOS ACEView Message Replay

First published: Fri Aug 21 2020(Updated: )

A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. Captured traffic to the ACEView service can be replayed to other gateways sharing the same credentials.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/type
• agent/softwarecombine
• collector/mitre-cve
• source/MITRE
• agent/weakness
• agent/last-modified-date
• agent/severity
• agent/author
• agent/references
• agent/tags
• agent/title
• agent/description
• agent/first-publish-date
• agent/event
• vendor/sierrawireless
• canonical/sierrawireless aleos
• version/sierrawireless aleos/4.12.0
• canonical/sierrawireless airlink lx40
• canonical/sierrawireless airlink lx60
• canonical/sierrawireless airlink mp70
• canonical/sierrawireless airlink mp70e
• canonical/sierrawireless airlink rv50
• canonical/sierrawireless airlink rv50x
• version/sierrawireless aleos/4.9.4
• canonical/sierrawireless airlink es450
• canonical/sierrawireless airlink gx450
• version/sierrawireless aleos/4.4.8
• canonical/sierrawireless airlink es440
• canonical/sierrawireless airlink gx400
• canonical/sierrawireless airlink gx440
• canonical/sierrawireless airlink ls300