CVE-2022-23746

2022-11-3000:00:00

CWE-307

checkpoint

www.cve.org

ipsec

vpn

brute-force

attack

usernames

passwords

0.002 Low

EPSS

Percentile

51.5%

JSON

The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Gateway & Management, IPsec VPN blade SNX portal.",
    "versions": [
      {
        "version": "R81.10 before take 79, R81 before take 77, R80.40 before take 180, R80.30 before take 255, R80.20 before 230",
        "status": "affected"
      }
    ]
  }
]

References

supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk180271

0.002 Low

EPSS

Percentile

51.5%

JSON

Related for CVELIST:CVE-2022-23746