Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.
oryginał ENCVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HCheckpoint Clusterxl
HWCheckpointwszystkie wersjeCheckpoint Gaia Os
OSCheckpointr81r81.10r81.20Checkpoint Multi Domain Management
HWCheckpointwszystkie wersjeCheckpoint Quantum 6700
HWCheckpointwszystkie wersjeCheckpoint Quantum Maestro
HWCheckpointwszystkie wersjeCheckpoint Quantum Scalable Chassis
HWCheckpointwszystkie wersjeCheckpoint Quantum Security Gateway
HWCheckpointwszystkie wersjeCheckpoint Quantum Security Management
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark
HWCheckpointwszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2026-50751CRITICAL9.3⚠ KEVPL ✓ten sam produkt
Auth Bypass w Check Point VPN — pominięcie uwierzytelnienia przez błąd IKEv1
CVE-2024-24919HIGH8.6⚠ KEVten sam produkt
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected t...
CVE-2024-52885MEDIUM5.0ten sam produkt
The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an a...
CVE-2024-52888MEDIUM5.4ten sam produkt
For an authenticated end-user the portal may run a script while attempting to display a directory or some file...
CVE-2024-24911MEDIUM5.3ten sam produkt
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unex...