cvelistv5 - CVE-2022-23744

CVE-2022-23744 (GCVE-0-2022-23744)

Vulnerability from cvelistv5 – Published: 2022-07-07 15:51 – Updated: 2024-08-03 03:51

Summary

Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.

Severity ?

No CVSS data available.

CWE

CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Assigner

checkpoint

References

URL

Tags

https://supportcenter.checkpoint.com/supportcente…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Enterprise Endpoint Security Windows Clients.	Affected: before E86.50

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:51:45.906Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Enterprise Endpoint Security Windows Clients.",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before E86.50"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-470",
              "description": "CWE-470: Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-08T17:07:36",
        "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "shortName": "checkpoint"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@checkpoint.com",
          "ID": "CVE-2022-23744",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Enterprise Endpoint Security Windows Clients.",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before E86.50"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-470: Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609",
              "refsource": "MISC",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
    "assignerShortName": "checkpoint",
    "cveId": "CVE-2022-23744",
    "datePublished": "2022-07-07T15:51:44",
    "dateReserved": "2022-01-19T00:00:00",
    "dateUpdated": "2024-08-03T03:51:45.906Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e83:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7328CB79-D332-40DE-923F-2E15F55059FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e84:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D42E00B-D31F-4474-9B6C-EF976C49487B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e85:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2476021-2883-4895-87A6-7E22C3EC7E59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e86.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98319B9E-2E17-428C-B830-99A06398877E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e86.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACEEC052-70AA-4E2B-864C-8D2EDF213846\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e86.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9278FDB9-261A-46C1-AF87-F5F3C89061FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e86.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1817EFFD-8CEF-4F9C-BE60-FB7582682E56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:harmony_endpoint:e83:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14C59AE8-CC3E-4692-9705-EAF32BDBE19A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:harmony_endpoint:e84:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E4093F5-3F40-415C-B0F9-1D17DE15891E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:harmony_endpoint:e85:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A683B31-6BD5-4FB6-9112-C84CAEAAF410\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:harmony_endpoint:e86.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E63A3DBA-A575-4DCA-95BD-A19B0DB4D934\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:harmony_endpoint:e86.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9A288DC-507B-4B17-964E-9F93EC6D7795\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:harmony_endpoint:e86.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF816B77-93FE-49F2-9B1B-04AAEFAD164D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:harmony_endpoint:e86.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B0E733B-86AC-4495-9900-06B17AA4FAE2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.\"}, {\"lang\": \"es\", \"value\": \"Check Point Endpoint antes de la versi\\u00f3n E86.50 no proteg\\u00eda contra un cambio espec\\u00edfico en el registro que permit\\u00eda desactivar la protecci\\u00f3n de los puntos finales por un administrador local\"}]",
      "id": "CVE-2022-23744",
      "lastModified": "2024-11-21T06:49:13.467",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 2.3, \"baseSeverity\": \"LOW\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-07-07T16:15:09.063",
      "references": "[{\"url\": \"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609\", \"source\": \"cve@checkpoint.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@checkpoint.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cve@checkpoint.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-470\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-23744\",\"sourceIdentifier\":\"cve@checkpoint.com\",\"published\":\"2022-07-07T16:15:09.063\",\"lastModified\":\"2024-11-21T06:49:13.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.\"},{\"lang\":\"es\",\"value\":\"Check Point Endpoint antes de la versi\u00f3n E86.50 no proteg\u00eda contra un cambio espec\u00edfico en el registro que permit\u00eda desactivar la protecci\u00f3n de los puntos finales por un administrador local\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":2.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":0.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cve@checkpoint.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-470\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e83:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7328CB79-D332-40DE-923F-2E15F55059FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e84:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D42E00B-D31F-4474-9B6C-EF976C49487B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e85:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2476021-2883-4895-87A6-7E22C3EC7E59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e86.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98319B9E-2E17-428C-B830-99A06398877E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e86.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACEEC052-70AA-4E2B-864C-8D2EDF213846\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e86.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9278FDB9-261A-46C1-AF87-F5F3C89061FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e86.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1817EFFD-8CEF-4F9C-BE60-FB7582682E56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:harmony_endpoint:e83:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14C59AE8-CC3E-4692-9705-EAF32BDBE19A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:harmony_endpoint:e84:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E4093F5-3F40-415C-B0F9-1D17DE15891E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:harmony_endpoint:e85:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A683B31-6BD5-4FB6-9112-C84CAEAAF410\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:harmony_endpoint:e86.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63A3DBA-A575-4DCA-95BD-A19B0DB4D934\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:harmony_endpoint:e86.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9A288DC-507B-4B17-964E-9F93EC6D7795\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:harmony_endpoint:e86.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF816B77-93FE-49F2-9B1B-04AAEFAD164D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:harmony_endpoint:e86.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B0E733B-86AC-4495-9900-06B17AA4FAE2\"}]}]}],\"references\":[{\"url\":\"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609\",\"source\":\"cve@checkpoint.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2022-AVI-595

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans les produits Check Point. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Check Point	N/A	Endpoint Security Client versions antérieures à E86.50
	Check Point	N/A	Harmony Endpoint versions antérieures à E86.50

References

Title

Publication Time

Tags

Bulletin de sécurité Check Point sk179609 du 27 juin 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Endpoint Security Client versions ant\u00e9rieures \u00e0 E86.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Check Point",
          "scada": false
        }
      }
    },
    {
      "description": "Harmony Endpoint versions ant\u00e9rieures \u00e0 E86.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Check Point",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-23744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23744"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-595",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-07-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Check Point. Elle\npermet \u00e0 un attaquant de provoquer un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Check Point",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Check Point sk179609 du 27 juin 2022",
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609\u0026src=securityAlerts"
    }
  ]
}

CERTFR-2022-AVI-595

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans les produits Check Point. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Check Point	N/A	Endpoint Security Client versions antérieures à E86.50
	Check Point	N/A	Harmony Endpoint versions antérieures à E86.50

References

Title

Publication Time

Tags

Bulletin de sécurité Check Point sk179609 du 27 juin 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Endpoint Security Client versions ant\u00e9rieures \u00e0 E86.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Check Point",
          "scada": false
        }
      }
    },
    {
      "description": "Harmony Endpoint versions ant\u00e9rieures \u00e0 E86.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Check Point",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-23744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23744"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-595",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-07-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Check Point. Elle\npermet \u00e0 un attaquant de provoquer un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Check Point",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Check Point sk179609 du 27 juin 2022",
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609\u0026src=securityAlerts"
    }
  ]
}

VAR-202207-0167

Vulnerability from variot - Updated: 2023-12-18 11:55

Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator. Check Point Endpoint Security Client is a terminal security protection software from Israel Check Point Company. Check Point Endpoint Security Client has a security vulnerability. An attacker could cause a fatal error by modifying the unprotected registry, triggering a denial of service

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202207-0167",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "harmony endpoint",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e86.30"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e86.20"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e86.30"
      },
      {
        "model": "harmony endpoint",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e85"
      },
      {
        "model": "harmony endpoint",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e86.10"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e86.10"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e85"
      },
      {
        "model": "harmony endpoint",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e84"
      },
      {
        "model": "harmony endpoint",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e86.40"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e84"
      },
      {
        "model": "harmony endpoint",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e83"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e86.40"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e83"
      },
      {
        "model": "harmony endpoint",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "checkpoint",
        "version": "e86.20"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-23744"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e83:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e86.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e86.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e86.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e86.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e85:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e84:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e84:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e85:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e83:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-23744"
      }
    ]
  },
  "cve": "CVE-2022-23744",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-412920",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2022-23744",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "LOW",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "LOW",
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 0.8,
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2022-23744",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202207-324",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-412920",
            "trust": 0.1,
            "value": "LOW"
          },
          {
            "author": "VULMON",
            "id": "CVE-2022-23744",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-412920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-23744"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-23744"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator. Check Point Endpoint Security Client is a terminal security protection software from Israel Check Point Company. Check Point Endpoint Security Client has a security vulnerability. An attacker could cause a fatal error by modifying the unprotected registry, triggering a denial of service",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-23744"
      },
      {
        "db": "VULHUB",
        "id": "VHN-412920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-23744"
      }
    ],
    "trust": 1.08
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-23744",
        "trust": 1.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-324",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-412920",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-23744",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-412920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-23744"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-23744"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ]
  },
  "id": "VAR-202207-0167",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-412920"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:55:54.905000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Check Point Endpoint Security Client Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=200200"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-23744"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk179609"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-23744/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/check-point-endpoint-security-client-denial-of-service-via-unprotected-registry-change-38717"
      },
      {
        "trust": 0.1,
        "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026amp;solutionid=sk179609"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-412920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-23744"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-23744"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-412920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-23744"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-23744"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-412920"
      },
      {
        "date": "2022-07-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-23744"
      },
      {
        "date": "2022-07-07T16:15:09.063000",
        "db": "NVD",
        "id": "CVE-2022-23744"
      },
      {
        "date": "2022-07-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-412920"
      },
      {
        "date": "2022-07-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-23744"
      },
      {
        "date": "2022-07-15T14:55:40.780000",
        "db": "NVD",
        "id": "CVE-2022-23744"
      },
      {
        "date": "2022-07-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Check Point Endpoint Security Client Security hole",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-324"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2022-23744

Vulnerability from fkie_nvd - Published: 2022-07-07 16:15 - Updated: 2024-11-21 06:49

Severity ?

2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Summary

Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.

References

	URL	Tags
	cve@checkpoint.com	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk179609	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk179609	Vendor Advisory

Impacted products

Vendor	Product	Version
checkpoint	endpoint_security	e83
checkpoint	endpoint_security	e84
checkpoint	endpoint_security	e85
checkpoint	endpoint_security	e86.10
checkpoint	endpoint_security	e86.20
checkpoint	endpoint_security	e86.30
checkpoint	endpoint_security	e86.40
checkpoint	harmony_endpoint	e83
checkpoint	harmony_endpoint	e84
checkpoint	harmony_endpoint	e85
checkpoint	harmony_endpoint	e86.10
checkpoint	harmony_endpoint	e86.20
checkpoint	harmony_endpoint	e86.30
checkpoint	harmony_endpoint	e86.40

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e83:*:*:*:*:*:*:*",
              "matchCriteriaId": "7328CB79-D332-40DE-923F-2E15F55059FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e84:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D42E00B-D31F-4474-9B6C-EF976C49487B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e85:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2476021-2883-4895-87A6-7E22C3EC7E59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e86.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "98319B9E-2E17-428C-B830-99A06398877E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e86.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACEEC052-70AA-4E2B-864C-8D2EDF213846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e86.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "9278FDB9-261A-46C1-AF87-F5F3C89061FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e86.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "1817EFFD-8CEF-4F9C-BE60-FB7582682E56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:harmony_endpoint:e83:*:*:*:*:*:*:*",
              "matchCriteriaId": "14C59AE8-CC3E-4692-9705-EAF32BDBE19A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:harmony_endpoint:e84:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E4093F5-3F40-415C-B0F9-1D17DE15891E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:harmony_endpoint:e85:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A683B31-6BD5-4FB6-9112-C84CAEAAF410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E63A3DBA-A575-4DCA-95BD-A19B0DB4D934",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9A288DC-507B-4B17-964E-9F93EC6D7795",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF816B77-93FE-49F2-9B1B-04AAEFAD164D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0E733B-86AC-4495-9900-06B17AA4FAE2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator."
    },
    {
      "lang": "es",
      "value": "Check Point Endpoint antes de la versi\u00f3n E86.50 no proteg\u00eda contra un cambio espec\u00edfico en el registro que permit\u00eda desactivar la protecci\u00f3n de los puntos finales por un administrador local"
    }
  ],
  "id": "CVE-2022-23744",
  "lastModified": "2024-11-21T06:49:13.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 2.3,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-07T16:15:09.063",
  "references": [
    {
      "source": "cve@checkpoint.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609"
    }
  ],
  "sourceIdentifier": "cve@checkpoint.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-470"
        }
      ],
      "source": "cve@checkpoint.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-29GH-3CPV-QPJP

Vulnerability from github – Published: 2022-07-08 00:00 – Updated: 2022-07-16 00:00

Details

Check Point Endpoint Security Client E83 through E86 before E86.50 does not protect against a specific registry modification, and thus allows a local administrator to disable endpoint protection.

Severity ?

2.3 (Low)


                  
                    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-23744"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-07T16:15:00Z",
    "severity": "LOW"
  },
  "details": "Check Point Endpoint Security Client E83 through E86 before E86.50 does not protect against a specific registry modification, and thus allows a local administrator to disable endpoint protection.",
  "id": "GHSA-29gh-3cpv-qpjp",
  "modified": "2022-07-16T00:00:31Z",
  "published": "2022-07-08T00:00:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23744"
    },
    {
      "type": "WEB",
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-23744

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.

Aliases

CVE-2022-23744

Aliases

CVE-2022-23744

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-23744",
    "description": "Check Point Endpoint Security Client E83 through E86 before E86.50 does not protect against a specific registry modification, and thus allows a local administrator to disable endpoint protection.",
    "id": "GSD-2022-23744"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-23744"
      ],
      "details": "Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.",
      "id": "GSD-2022-23744",
      "modified": "2023-12-13T01:19:34.892633Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@checkpoint.com",
        "ID": "CVE-2022-23744",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Enterprise Endpoint Security Windows Clients.",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "before E86.50"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-470: Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609",
            "refsource": "MISC",
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e83:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e86.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e86.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e86.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e86.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e85:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e84:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e84:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e85:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e86.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:harmony_endpoint:e83:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@checkpoint.com",
          "ID": "CVE-2022-23744"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk179609"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2022-07-15T14:55Z",
      "publishedDate": "2022-07-07T16:15Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-23744 (GCVE-0-2022-23744)

CERTFR-2022-AVI-595

Solution

CERTFR-2022-AVI-595

Solution

VAR-202207-0167

FKIE_CVE-2022-23744

GHSA-29GH-3CPV-QPJP

GSD-2022-23744

Tags

Sightings

Nomenclature