HIGH🇬🇧 English

CVE-2020-6024

CVSS 7.8v3.1pub. 2021-01-20upd. 2024-11-21

Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Checkpoint Smartconsole

    APP
    Checkpoint
    r80.20r80.30r80.40r81≤ r80.10
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
LPE
CWE
Referencje

Powiązane podatności

CVE-2024-24915MEDIUM6.1ten sam produkt

Credentials are not cleared from memory after being used. A user with Administrator permissions can execute me...

CVE-2024-24916MEDIUM6.5ten sam produkt

Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code ...

CVE-2026-50751CRITICAL9.3⚠ KEVPL ✓ten sam vendor

Auth Bypass w Check Point VPN — pominięcie uwierzytelnienia przez błąd IKEv1

CVE-2019-8459CRITICAL9.8ten sam vendor

Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process ...

CVE-2024-24919HIGH8.6⚠ KEVten sam vendor

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected t...