The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NCheckpoint Gaia Os
OSCheckpointr81.10r81.20r82Checkpoint Mobile Access
APPCheckpointwszystkie wersjeCheckpoint Remote Access Vpn
APPCheckpointwszystkie wersje
Related vulnerabilities
Auth Bypass w Check Point VPN — pominięcie uwierzytelnienia przez błąd IKEv1
Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Secu...
For an authenticated end-user the portal may run a script while attempting to display a directory or some file...
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unex...
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Cli...