Security Gateway Security Vulnerabilities and Issues — Security Gateway CVE List

CheckpointSecurity Gateway

8 matches found

CVE•added 2014/09/24 6:0 p.m.•2863 views

CVE-2014-6271

CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...

10CVSS9.9AI score0.99999EPSS

In wild

CVE•added 2014/09/25 1:0 a.m.•1324 views

CVE-2014-7169

CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...

10CVSS8.4AI score0.9994EPSS

In wild

CVE•added 2019/10/02 4:37 p.m.•61 views

CVE-2019-8462

CVE-2019-8462 affects Check Point Security Gateway GAIA v80.30 (R80.30) when the Threat Prevention Forensics feature is enabled and enhanced-logging is configured. Multiple sources describe a DoS condition where an authenticated, local attacker can trigger a crash/stop responding behavior by send...

7.5CVSS7.5AI score0.01348EPSS

CVE•added 2014/04/01 1:0 a.m.•50 views

CVE-2013-7350

Check Point Security Gateway 80 R71.x (before R71.45) and R75.20.x (before R75.20.4) as well as 600 and 1100 appliances (R75.20.x before R75.20.42) are associated with CVE-2013-7350. The available records describe multiple unspecified vulnerabilities with unknown impact and attack vectors tied to...

10CVSS6.9AI score0.01366EPSS

CVE•added 2014/11/16 5:0 p.m.•50 views

CVE-2014-8951

Technical details (affected product, component, root cause, versions, or remediation) are not publicly provided in the supplied documents. Monitor for updates.

7.1CVSS6.9AI score0.01548EPSS

CVE•added 2014/11/16 5:0 p.m.•49 views

CVE-2014-8952

CVE-2014-8952 affects Check Point Security Gateway versions R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10. Connected documents identify a root cause described as a race condition in the modules (IPS blade, IPsec Remote Access, Mobile Access/SSL VPN blade, SSL Network Extender, Identify A...

7.1CVSS7.2AI score0.01548EPSS

CVE•added 2014/11/16 5:0 p.m.•47 views

CVE-2014-8950

The CVE-2014-8950 entry concerns Check Point Security Gateway versions R77 and R77.10. The vulnerability affects the URL Filtering and Identity Awareness blades, where an HTTPS request can trigger a denial-of-service (crash). The available documents confirm the affected product and blades, and th...

7.1CVSS6.8AI score0.01548EPSS

CVE•added 2014/01/26 1:0 a.m.•43 views

CVE-2014-1672

CVE-2014-1672 affects Check Point R75.47 Security Gateway and Management Server. The issue is improper enforcement of anti-spoofing when the routing table is modified and the Get - Interfaces with Topology action is used, enabling attackers to bypass intended access restrictions. The NVD entry li...

4CVSS6.8AI score0.00851EPSS