CVE-2000-0808Improper Control of Interaction Frequency in Checkpoint Firewall-1

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 33.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Checkpoint Firewall-1
Timeline
PublishedNov 14
Latest updateApr 30

Description

The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDcheckpoint/firewall-13.0, 4.0, 4.1+2

🔴Vulnerability Details

2
GHSA
GHSA-24q9-49c8-294h: The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 42022-04-30
CVEList
CVE-2000-0808: The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 42001-01-22
CVE-2000-0808 — Checkpoint Firewall-1 vulnerability | cvebase