CVE-2002-2405Checkpoint Firewall-1 vulnerability

CWE-2643 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.3%
top 46.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Checkpoint Firewall-1
Timeline
PublishedDec 31
Latest updateApr 30

Description

Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 6.8 | Impact: 4.9

Affected Packages1 packages

NVDcheckpoint/firewall-14.1, ng+1

🔴Vulnerability Details

2
GHSA
GHSA-qx7c-rg3g-8mqh: Check Point FireWall-1 42022-04-30
CVEList
CVE-2002-2405: Check Point FireWall-1 42007-11-01