CVE-2014-1672

CWE-2643 documents3 sources

Severity

4.0MEDIUM

EPSS

0.3%

top 51.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Management Server Checkpoint Security Gateway

Timeline

PublishedJan 26

Latest updateMay 14

Description

Check Point R75.47 Security Gateway and Management Server does not properly enforce Anti-Spoofing when the routing table is modified and the "Get - Interfaces with Topology" action is performed, which allows attackers to bypass intended access restrictions.

CVSS vector

AV:N/AC:H/C:P/I:P/A:NExploitability: 4.9 | Impact: 4.9

Affected Packages2 packages

▶NVDcheckpoint/security_gatewayr75.47

▶NVDcheckpoint/management_serverr75.47

🔴Vulnerability Details

GHSA

GHSA-9xhq-43jj-cc97: Check Point R75↗2022-05-14

▶

CVEList

CVE-2014-1672: Check Point R75↗2014-01-26

▶