Search criteria
3 vulnerabilities found for mobile_access_portal_agent by checkpoint
FKIE_CVE-2021-30358
Vulnerability from fkie_nvd - Published: 2021-10-19 14:15 - Updated: 2024-11-21 06:03
Severity ?
Summary
Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | mobile_access_portal_agent | r80.20 | |
| checkpoint | mobile_access_portal_agent | r80.30 | |
| checkpoint | mobile_access_portal_agent | r80.40 | |
| checkpoint | mobile_access_portal_agent | r81 | |
| checkpoint | mobile_access_portal_agent | r81.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:mobile_access_portal_agent:r80.20:*:*:*:*:*:*:*",
"matchCriteriaId": "69158B73-009F-4260-A497-FD1DF60E219D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:mobile_access_portal_agent:r80.30:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2D8E97-6A75-449A-A9E5-7130B84DAAC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:mobile_access_portal_agent:r80.40:*:*:*:*:*:*:*",
"matchCriteriaId": "E83F57D6-342D-4C29-8FEC-BF2C4FAF2F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:mobile_access_portal_agent:r81:*:*:*:*:*:*:*",
"matchCriteriaId": "A13A20F4-3CD7-47FD-A9A2-9E2FEE1BE6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:mobile_access_portal_agent:r81.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0EFA86-2BED-470F-98B4-7B78DE59E66F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mobile Access Portal Native Applications who\u0027s path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent."
},
{
"lang": "es",
"value": "Las Aplicaciones Nativas del Portal de Acceso M\u00f3vil cuya ruta est\u00e1 definida por el administrador con variables de entorno pueden ejecutar aplicaciones desde otras ubicaciones por el agente del portal de acceso m\u00f3vil"
}
],
"id": "CVE-2021-30358",
"lastModified": "2024-11-21T06:03:56.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-19T14:15:08.243",
"references": [
{
"source": "cve@checkpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"source": "cve@checkpoint.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk175806"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk175806"
}
],
"sourceIdentifier": "cve@checkpoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-30358 (GCVE-0-2021-30358)
Vulnerability from cvelistv5 – Published: 2021-10-19 13:32 – Updated: 2024-08-03 22:32
VLAI?
Summary
Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent.
Severity ?
No CVSS data available.
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Check Point Mobile Access Portal Agent |
Affected:
before build 800007042
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:32:41.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk175806"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Check Point Mobile Access Portal Agent",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before build 800007042"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mobile Access Portal Native Applications who\u0027s path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-19T13:34:09",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk175806"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@checkpoint.com",
"ID": "CVE-2021-30358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Check Point Mobile Access Portal Agent",
"version": {
"version_data": [
{
"version_value": "before build 800007042"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mobile Access Portal Native Applications who\u0027s path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://supportcontent.checkpoint.com/solutions?id=sk142952",
"refsource": "MISC",
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"name": "https://supportcontent.checkpoint.com/solutions?id=sk175806",
"refsource": "MISC",
"url": "https://supportcontent.checkpoint.com/solutions?id=sk175806"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2021-30358",
"datePublished": "2021-10-19T13:32:46",
"dateReserved": "2021-04-07T00:00:00",
"dateUpdated": "2024-08-03T22:32:41.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30358 (GCVE-0-2021-30358)
Vulnerability from nvd – Published: 2021-10-19 13:32 – Updated: 2024-08-03 22:32
VLAI?
Summary
Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent.
Severity ?
No CVSS data available.
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Check Point Mobile Access Portal Agent |
Affected:
before build 800007042
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:32:41.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk175806"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Check Point Mobile Access Portal Agent",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before build 800007042"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mobile Access Portal Native Applications who\u0027s path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-19T13:34:09",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk175806"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@checkpoint.com",
"ID": "CVE-2021-30358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Check Point Mobile Access Portal Agent",
"version": {
"version_data": [
{
"version_value": "before build 800007042"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mobile Access Portal Native Applications who\u0027s path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://supportcontent.checkpoint.com/solutions?id=sk142952",
"refsource": "MISC",
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"name": "https://supportcontent.checkpoint.com/solutions?id=sk175806",
"refsource": "MISC",
"url": "https://supportcontent.checkpoint.com/solutions?id=sk175806"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2021-30358",
"datePublished": "2021-10-19T13:32:46",
"dateReserved": "2021-04-07T00:00:00",
"dateUpdated": "2024-08-03T22:32:41.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}