CVE-2011-1827 — Checkpoint Connectra NGX vulnerability

3 documents3 sources

Severity

9.3CRITICALNVD

EPSS

2.6%

top 14.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Connectra NGX Checkpoint Vpn-1 Checkpoint Vpn-1 Firewall-1 VSX

Timeline

PublishedOct 5

Latest updateMay 17

Description

Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDcheckpoint/connectra_ngxr66.1, r66.1n+1

▶NVDcheckpoint/vpn-14 versions+3

▶NVDcheckpoint/vpn-1_firewall-1_vsxr65.20, r67+1

🔴Vulnerability Details

GHSA

GHSA-qf7f-g953-jj25: Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by Se↗2022-05-17

▶

CVEList

CVE-2011-1827: Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by Se↗2011-10-05

▶