CVE-2004-2679Checkpoint Firewall-1 vulnerability

3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.4%
top 37.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Checkpoint Firewall-1
Timeline
PublishedDec 31
Latest updateApr 29

Description

Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.

CVSS vector

AV:N/AC:L/C:C/I:N/A:NExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDcheckpoint/firewall-14.0, 4.1, r55+2

🔴Vulnerability Details

2
GHSA
GHSA-685v-wjj6-4qpx: Check Point Firewall-1 42022-04-29
CVEList
CVE-2004-2679: Check Point Firewall-1 42007-02-27
CVE-2004-2679 — Checkpoint Firewall-1 vulnerability | cvebase