Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
checkpoint_securityCheck Point Security AlertsCPS:SK178887
HistoryApr 24, 2022 - 11:03 p.m.

Check Point Response to CVE-2022-21449 Java "Psychic Signatures"

2022-04-2423:03:49
Check Point Security Alerts
supportcenter.checkpoint.com
5
check point
cve-2022-21449
java
psychic signatures
vulnerability
ecdsa
infinity architecture
quantum security gateways
smart management
quantum spark appliances
gaia embedded os
harmony endpoint
harmony mobile
threatcloud
cloudguard
software versions
support versions
appliances

EPSS

0.001

Percentile

39.7%

JSON

Solution

On April 20, 2022, security researcher Neil Madden published a blog post in which he provided details about a newly disclosed vulnerability in Java, CVE-2022-21449 or “Psychic Signatures”. This security vulnerability originates in an incorrect implementation of the ECDSA signature verification algorithm, introduced in Java 15.

The Check Point Infinity architecture is protected against this threat. We verified that this vulnerability does not affect our Infinity portfolio (including Quantum Security Gateways, Smart Management, Quantum Spark appliances with Gaia Embedded OS, Harmony Endpoint, Harmony Mobile, ThreatCloud, and CloudGuard).

Check Point Products Status

Notes:

  • All Check Point software versions, including out of support versions, are not vulnerable.
  • All Check Point appliances are not vulnerable.

Related

debiancve 1
thn 1
alpinelinux 1
githubexploit 10
nvd 1
ubuntucve 1
openvas 12
cvelist 1
redhatcve 1
prion 1
veracode 1
checkpoint_advisories 1
f5 2
osv 7
cve 1
nessus 27
amazon 1
redhat 5
ibm 4
kaspersky 1
rocky 1
debian 2
ubuntu 3
oraclelinux 2
trellix 2
almalinux 1
malwarebytes 1
suse 1
redos 1
oracle 1
debiancve
debiancve
CVE-2022-21449
2022-04-19 21:15:16
thn
thn
Researcher Releases PoC for Recent Java Cryptographic Vulnerability
2022-04-22 11:43:00
alpinelinux
alpinelinux
CVE-2022-21449
2022-04-19 21:15:16
githubexploit
githubexploit
Exploit for CVE-2022-21449
2022-04-24 10:59:11
Exploit for CVE-2022-21449
2022-04-20 20:31:15
Exploit for CVE-2022-21449
2022-07-29 16:33:10
nvd
nvd
CVE-2022-21449
2022-04-19 21:15:16
ubuntucve
ubuntucve
CVE-2022-21449
2022-04-19 00:00:00
openvas
openvas
Elastic Elasticsearch Java Vulnerability (ESA-2022-06)
2022-06-07 00:00:00
Oracle OpenJDK ECDSA Signatures Vulnerability (CVE-2022-21449)
2022-04-21 00:00:00
Oracle Java SE Security Update (apr2022) - Linux
2022-04-20 00:00:00
cvelist
cvelist
CVE-2022-21449
2022-04-19 20:37:39
redhatcve
redhatcve
CVE-2022-21449
2022-04-20 08:23:51
prion
prion
Design/Logic Flaw
2022-04-19 21:15:00
veracode
veracode
Signature Verification Bypass
2022-04-22 22:35:37
checkpoint_advisories
checkpoint_advisories
Oracle Java SE Authentication Bypass (CVE-2022-21449)
2022-05-11 00:00:00
f5
f5
K45356577 : Java vulnerability CVE-2022-21449
2022-05-12 00:00:00
K32172755 : Multiple Java vulnerabilities CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476 and CVE-2022-21496
2022-05-27 00:00:00
osv
osv
CVE-2022-21449
2022-04-19 21:15:16
Important: java-17-openjdk security and bug fix update
2022-04-20 12:21:21
openjdk-17 - security update
2022-05-03 00:00:00
cve
cve
CVE-2022-21449
2022-04-19 21:15:16
nessus
nessus
Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 45, 9.x < 9.0.0 Patch 38, 10.0.x < 10.0.6 Multiple Vulnerabilities
2024-03-14 00:00:00
Amazon Linux 2 : java-17-amazon-corretto (ALAS-2022-1791)
2022-04-27 00:00:00
Oracle Java SE Multiple Vulnerabilities (Unix April 2022 CPU) deprecated
2022-04-20 00:00:00
amazon
amazon
Important: java-17-amazon-corretto
2022-04-25 23:54:00
redhat
redhat
(RHSA-2022:1436) Important: OpenJDK 17.0.3 security update for Portable Linux Builds
2022-04-28 19:02:41
(RHSA-2022:1437) Important: OpenJDK 17.0.3 security update for Windows Builds
2022-04-28 19:02:34
(RHSA-2022:1445) Important: java-17-openjdk security and bug fix update
2022-04-20 12:21:21
ibm
ibm
Security Bulletin: Multiple vulnerabilities may affect IBM® Semeru Runtime
2022-05-25 09:44:34
Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
2022-10-06 04:10:57
Security Bulletin: Multiple Java DOS vulnerabilities detected
2022-09-28 21:24:11
kaspersky
kaspersky
KLA12516 Multiple vulnerabilities in Oracle Java SE and GraalVM
2022-04-19 00:00:00
rocky
rocky
java-17-openjdk security and bug fix update
2022-04-20 12:21:21
debian
debian
[SECURITY] [DSA 5131-1] openjdk-11 security update
2022-05-05 17:16:55
[SECURITY] [DSA 5128-1] openjdk-17 security update
2022-05-03 21:01:53
ubuntu
ubuntu
OpenJDK vulnerabilities
2022-04-26 00:00:00
OpenJDK vulnerabilities
2022-08-04 00:00:00
OpenJDK 8 vulnerabilities
2022-08-04 00:00:00
oraclelinux
oraclelinux
java-17-openjdk security update
2022-06-30 00:00:00
java-17-openjdk security and bug fix update
2022-04-20 00:00:00
trellix
trellix
The Bug Report – April 2022 Edition
2022-05-04 00:00:00
The Bug Report – April 2022 Edition
2022-05-04 00:00:00
almalinux
almalinux
Important: java-17-openjdk security and bug fix update
2022-04-20 12:21:21
malwarebytes
malwarebytes
Oracle releases massive Critical Patch Update containing 520 security patches
2022-04-20 14:53:54
suse
suse
Security update for java-1_8_0-ibm (important)
2022-08-03 00:00:00
redos
redos
ROS-20240529-01
2024-05-29 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00

EPSS

0.001

Percentile

39.7%

JSON
Related for CPS:SK178887
debiancve1thn1alpinelinux1githubexploit10nvd1ubuntucve1openvas12cvelist1redhatcve1prion1veracode1checkpoint_advisories1f52osv7cve1nessus27amazon1redhat5ibm4kaspersky1rocky1debian2ubuntu3oraclelinux2trellix2almalinux1malwarebytes1suse1redos1oracle1