Vulnerabilites related to checkpoint - quantum_spark
CVE-2024-24919 (GCVE-0-2024-24919)
Vulnerability from cvelistv5
Published
2024-05-28 18:22
Modified
2024-08-01 23:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| checkpoint | Check Point Quantum Gateway, Spark Gateway and CloudGuard Network |
Version: Check Point Quantum Gateway and CloudGuard Network versions R81.20, R81.10, R81, R80.40 and Check Point Spark versions R81.10, R80.20. |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "quantum_security_gateway_firmware",
"vendor": "checkpoint",
"versions": [
{
"status": "affected",
"version": "r80.40"
},
{
"status": "affected",
"version": "r81"
},
{
"status": "affected",
"version": "r81.10"
},
{
"status": "affected",
"version": "r81.20"
}
]
},
{
"cpes": [
"cpe:2.3:a:checkpoint:cloudguard_network:r80.40:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloudguard_network",
"vendor": "checkpoint",
"versions": [
{
"status": "affected",
"version": "r80.40"
},
{
"status": "affected",
"version": "r81"
},
{
"status": "affected",
"version": "r81.10"
},
{
"status": "affected",
"version": "r81.20"
}
]
},
{
"cpes": [
"cpe:2.3:a:checkpoint:quantum_spark_appliances:r80.40:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "quantum_spark_appliances",
"vendor": "checkpoint",
"versions": [
{
"status": "affected",
"version": "r80.40"
},
{
"status": "affected",
"version": "r81"
},
{
"status": "affected",
"version": "r81.10"
},
{
"status": "affected",
"version": "r81.20"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24919",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-31T04:00:11.841700Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-05-30",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:43:22.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-05-30T00:00:00+00:00",
"value": "CVE-2024-24919 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:20.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.checkpoint.com/results/sk/sk182336"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Check Point Quantum Gateway, Spark Gateway and CloudGuard Network",
"vendor": "checkpoint",
"versions": [
{
"status": "affected",
"version": "Check Point Quantum Gateway and CloudGuard Network versions R81.20, R81.10, R81, R80.40 and Check Point Spark versions R81.10, R80.20."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-30T12:40:21.757Z",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"url": "https://support.checkpoint.com/results/sk/sk182336"
}
],
"title": "Information disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2024-24919",
"datePublished": "2024-05-28T18:22:19.401Z",
"dateReserved": "2024-02-01T15:19:26.279Z",
"dateUpdated": "2024-08-01T23:36:20.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-05-28 19:15
Modified
2025-01-27 21:42
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Summary
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@checkpoint.com | https://support.checkpoint.com/results/sk/sk182336 | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.checkpoint.com/results/sk/sk182336 | Mitigation, Patch, Vendor Advisory |
Impacted products
{
"cisaActionDue": "2024-06-20",
"cisaExploitAdd": "2024-05-30",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Check Point Quantum Security Gateways Information Disclosure Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*",
"matchCriteriaId": "A0002A29-8B42-445D-9EC4-58BC93194241",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r80.40:*:*:*:*:*:*:*",
"matchCriteriaId": "A382E0DC-2BBA-4EC9-A695-8062C3DC405D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r81.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B134BAA-A9A2-4060-9CDE-3AB9770F07FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r81.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4FCE5DC3-745A-4FC4-A2EF-AC4931E2A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r81.20:*:*:*:*:*:*:*",
"matchCriteriaId": "121E2863-57A8-41F1-B7E0-B41600959A5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81.20:*:*:*:*:*:*:*",
"matchCriteriaId": "26705EAD-B1B6-40DB-8C10-1070E92E86F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9F864E-435C-4753-9831-EDBE4ABD7B31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E8E08B0C-4876-40A9-A422-3D327501F531",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_spark_firmware:r81.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5A3388-8310-4FA4-AD07-771F2E983674",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_spark:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC94897D-88D2-4F56-BEBC-04899FE17197",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_spark_firmware:r80.20:*:*:*:*:*:*:*",
"matchCriteriaId": "0F325578-5CB0-486A-BD44-18E4BFB52441",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_spark:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC94897D-88D2-4F56-BEBC-04899FE17197",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available."
},
{
"lang": "es",
"value": "Potencialmente, permitir que un atacante lea cierta informaci\u00f3n en Check Point Security Gateways una vez conectado a Internet y habilitado con VPN de acceso remoto o software Blades de acceso m\u00f3vil. Hay disponible una soluci\u00f3n de seguridad que mitiga esta vulnerabilidad."
}
],
"id": "CVE-2024-24919",
"lastModified": "2025-01-27T21:42:18.743",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-28T19:15:10.060",
"references": [
{
"source": "cve@checkpoint.com",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://support.checkpoint.com/results/sk/sk182336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://support.checkpoint.com/results/sk/sk182336"
}
],
"sourceIdentifier": "cve@checkpoint.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}