CVE-2005-2889 — Checkpoint Connectra NGX vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.5%

top 34.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Connectra NGX

Timeline

PublishedSep 14

Latest updateMay 1

Description

Check Point NGX R60 does not properly verify packets against the predefined service group "CIFS" rule, which allows remote attackers to bypass intended restrictions.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDcheckpoint/connectra_ngxr60

🔴Vulnerability Details

GHSA

GHSA-p4vc-pf7r-2vq9: Check Point NGX R60 does not properly verify packets against the predefined service group "CIFS" rule, which allows remote attackers to bypass intende↗2022-05-01

▶

CVEList

CVE-2005-2889: Check Point NGX R60 does not properly verify packets against the predefined service group "CIFS" rule, which allows remote attackers to bypass intende↗2005-09-14

▶