CVE-2001-1158Checkpoint Firewall-1 vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
2.8%
top 13.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Checkpoint Firewall-1
Timeline
PublishedJul 9
Latest updateApr 30

Description

Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDcheckpoint/firewall-14.1, 4.1_build_41439+1

Patches

Patch: archives.neohapsis.comPatch: www.securityfocus.comPatch: archives.neohapsis.com

🔴Vulnerability Details

2
GHSA
GHSA-gf35-4867-g4gj: Check Point VPN-1/FireWall-1 42022-04-30
CVEList
CVE-2001-1158: Check Point VPN-1/FireWall-1 42002-06-25
CVE-2001-1158 — Checkpoint Firewall-1 vulnerability | cvebase