Lucene search

[email protected]NVD:CVE-2002-2405

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-2405

2002-12-3105:00:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

52.2%

JSON

Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.

Affected configurations

Nvd

Node

checkpointfirewall-1Match4.1

checkpointfirewall-1Matchng

VendorProductVersionCPE
checkpointfirewall-14.1cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*
checkpointfirewall-1ngcpe:2.3:a:checkpoint:firewall-1:ng:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
checkpoint	firewall-1	4.1	cpe:2.3:a:checkpoint:firewall-1:4.1:::::::*
checkpoint	firewall-1	ng	cpe:2.3:a:checkpoint:firewall-1:ng:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-09/0219.html

www.iss.net/security_center/static/10139.php

www.securityfocus.com/bid/5744

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

52.2%

JSON

Related for NVD:CVE-2002-2405

cvelist1 cve1