CVE-2001-1431 — Checkpoint Firewall-1 vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.8%

top 26.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Firewall-1 Checkpoint Vpn-1 Nokia Firewall Appliance

Timeline

PublishedOct 8

Latest updateApr 30

Description

Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDnokia/firewall_applianceipso_3.3, ipso_3.4, ipso_3.41+2

▶NVDcheckpoint/firewall-14.1

▶NVDcheckpoint/vpn-14.1

🔴Vulnerability Details

GHSA

GHSA-wcw3-c4wg-3jxf: Nokia Firewall Appliances running IPSO 3↗2022-04-30

▶

CVEList

CVE-2001-1431: Nokia Firewall Appliances running IPSO 3↗2005-03-24

▶