CVE-2019-13163

Name: CVE-2019-13163
Creator: NVD / NIST
Published: 2020-02-07T23:15:09.933+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.9/10EPSS 0.60%

Last modified Jun 17, 2026

CVE-2019-13163 is a medium-severity vulnerability rated 5.9/10 on the CVSS scale. The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15.. EPSS estimates a 0.60% chance of exploitation in the next 30 days.

Description

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15.

Metrics

CVSS 3.1

5.9/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability

0.60%

44.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-326

Affected Software

Vendor	Product	Versions
Fujitsu	Gp7000f Firmware	All versions
Fujitsu	Primepower Firmware	All versions
Fujitsu	Gps Firmware	All versions
Fujitsu	Sparc Enterprise M3000 Firmware	All versions
Fujitsu	Sparc Enterprise M4000 Firmware	All versions
Fujitsu	Sparc Enterprise M5000 Firmware	All versions
Fujitsu	Sparc Enterprise M8000 Firmware	All versions
Fujitsu	Sparc Enterprise M9000 Firmware	All versions
Fujitsu	Sparc M12-1 Firmware	All versions
Fujitsu	Sparc M12-2 Firmware	All versions
Fujitsu	Sparc M12-2s Firmware	All versions
Fujitsu	Primergy Rx2530 M5 Firmware	All versions
Fujitsu	Primergy Rx2540 M5 Firmware	All versions
Fujitsu	Primergy Rx4770 M5 Firmware	All versions
Fujitsu	Primergy Tx2550 M5 Firmware	All versions
Fujitsu	Granpower 5000 Firmware	All versions
Fujitsu	Celsius Firmware	All versions
Fujitsu	Primequest Firmware	All versions
Fujitsu	Interstage Application Development Cycle Manager	10.0
Fujitsu	Interstage Application Development Cycle Manager	10.0a
Fujitsu	Interstage Application Development Cycle Manager	10.1
Fujitsu	Interstage Application Development Cycle Manager	10.1.1
Fujitsu	Interstage Application Development Cycle Manager	10.2
Fujitsu	Interstage Application Development Cycle Manager	10.3
Fujitsu	Interstage Application Development Cycle Manager	10.3.1
Fujitsu	Interstage Application Development Cycle Manager	10.3.1a
Fujitsu	Interstage Application Server	8.0.0
Fujitsu	Interstage Application Server	8.0.1
Fujitsu	Interstage Application Server	8.0.3
Fujitsu	Interstage Application Server	9.0.0
Fujitsu	Interstage Application Server	9.0.0b
Fujitsu	Interstage Application Server	9.1.0
Fujitsu	Interstage Application Server	9.1.0b
Fujitsu	Interstage Application Server	9.2.0
Fujitsu	Interstage Application Server	9.2.0a
Fujitsu	Interstage Application Server	9.3.0
Fujitsu	Interstage Application Server	10.0.0
Fujitsu	Interstage Application Server	10.1.0
Fujitsu	Interstage Application Server	11.0.0
Fujitsu	Interstage Application Server	11.1.0
Fujitsu	Interstage Application Server	12.0.0
Fujitsu	Interstage Application Server	12.1.0
Fujitsu	Interstage Application Server	12.2.0
Fujitsu	Interstage Business Application Manager	1.0l10
Fujitsu	Interstage Business Application Manager	1.0l20
Fujitsu	Interstage Business Application Manager	1.0l21
Fujitsu	Interstage Business Application Manager	1.1
Fujitsu	Interstage Business Application Manager	2.0.0
Fujitsu	Interstage Business Application Manager	2.0.1
Fujitsu	Interstage List Works	9.0.1

Showing 50 of 178 affected configurations. See NVD for the full list.

References

Timeline

Published: Feb 7, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-13163?

How severe is CVE-2019-13163?

CVE-2019-13163 has a CVSS score of 5.9/10 (MEDIUM severity). The EPSS model estimates a 0.60% probability of exploitation in the next 30 days.

How do I fix CVE-2019-13163?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-13163?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST