CVE-2001-1171 — Checkpoint Firewall-1 vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 85.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Firewall-1

Timeline

PublishedApr 1

Latest updateApr 30

Description

Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDcheckpoint/firewall-13.0b

Patches

Patch: archives.neohapsis.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-cjvq-mg9r-jx5v: Check Point Firewall-1 3↗2022-04-30

▶

CVEList

CVE-2001-1171: Check Point Firewall-1 3↗2002-03-15

▶