cvelistv5 - cve-2013-5635

CVE-2013-5635 (GCVE-0-2013-5635)

Vulnerability from cvelistv5 – Published: 2013-11-30 11:00 – Updated: 2024-08-06 17:15

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.digitalsec.net/stuff/explt+advs/CheckP…	x_refsource_MISC
	https://supportcenter.checkpoint.com/supportcente…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:15:21.493Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-11-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-12-01T17:26:34",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-5635",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt",
              "refsource": "MISC",
              "url": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-5635",
    "datePublished": "2013-11-30T11:00:00",
    "dateReserved": "2013-08-27T00:00:00",
    "dateUpdated": "2024-08-06T17:15:21.493Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e80:-:vpn_blade:*:*:*:*:*\", \"matchCriteriaId\": \"411DFCC1-0B71-456C-833F-4D423AAE67FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e80.10:-:vpn_blade:*:*:*:*:*\", \"matchCriteriaId\": \"25E330FE-2BCB-4887-BDF7-5956C3ADA26A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e80.20:-:vpn_blade:*:*:*:*:*\", \"matchCriteriaId\": \"B562E6A4-65AB-4139-B497-9D3D5BE51E46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e80.30:-:vpn_blade:*:*:*:*:*\", \"matchCriteriaId\": \"5A1E05B2-8FB6-4694-8AE8-24FAEE1C632B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e80.40:-:vpn_blade:*:*:*:*:*\", \"matchCriteriaId\": \"B5E24572-22FE-442E-B9B1-FBD9BDE6148B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e80.41:-:vpn_blade:*:*:*:*:*\", \"matchCriteriaId\": \"E62DA812-690D-41D3-9408-49E33379B8F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:checkpoint:endpoint_security:e80.50:-:vpn_blade:*:*:*:*:*\", \"matchCriteriaId\": \"C467BC8A-E75D-4499-80E6-C813DFDF121C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously.\"}, {\"lang\": \"es\", \"value\": \"Media Encryption EPM Explorer en Check Point Endpoint Security hasta la versi\\u00f3n E80.50 no mantiene adecuadamente el estado de fallos en contrase\\u00f1as, lo que hace m\\u00e1s sencillo f\\u00edsicamente a atacantes pr\\u00f3ximos evadir el mecanismo de protecci\\u00f3n device-locking mediante la introducci\\u00f3n de intentos de contrase\\u00f1as dentro de m\\u00faltiples procesos Unlock.exe que est\\u00e9n siendo ejecutados simult\\u00e1neamente.\"}]",
      "id": "CVE-2013-5635",
      "lastModified": "2024-11-21T01:57:51.093",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:P/I:P/A:N\", \"baseScore\": 3.3, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.4, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-11-30T11:43:54.570",
      "references": "[{\"url\": \"http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-255\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-5635\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-11-30T11:43:54.570\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously.\"},{\"lang\":\"es\",\"value\":\"Media Encryption EPM Explorer en Check Point Endpoint Security hasta la versi\u00f3n E80.50 no mantiene adecuadamente el estado de fallos en contrase\u00f1as, lo que hace m\u00e1s sencillo f\u00edsicamente a atacantes pr\u00f3ximos evadir el mecanismo de protecci\u00f3n device-locking mediante la introducci\u00f3n de intentos de contrase\u00f1as dentro de m\u00faltiples procesos Unlock.exe que est\u00e9n siendo ejecutados simult\u00e1neamente.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":3.3,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.4,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-255\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e80:-:vpn_blade:*:*:*:*:*\",\"matchCriteriaId\":\"411DFCC1-0B71-456C-833F-4D423AAE67FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e80.10:-:vpn_blade:*:*:*:*:*\",\"matchCriteriaId\":\"25E330FE-2BCB-4887-BDF7-5956C3ADA26A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e80.20:-:vpn_blade:*:*:*:*:*\",\"matchCriteriaId\":\"B562E6A4-65AB-4139-B497-9D3D5BE51E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e80.30:-:vpn_blade:*:*:*:*:*\",\"matchCriteriaId\":\"5A1E05B2-8FB6-4694-8AE8-24FAEE1C632B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e80.40:-:vpn_blade:*:*:*:*:*\",\"matchCriteriaId\":\"B5E24572-22FE-442E-B9B1-FBD9BDE6148B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e80.41:-:vpn_blade:*:*:*:*:*\",\"matchCriteriaId\":\"E62DA812-690D-41D3-9408-49E33379B8F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:endpoint_security:e80.50:-:vpn_blade:*:*:*:*:*\",\"matchCriteriaId\":\"C467BC8A-E75D-4499-80E6-C813DFDF121C\"}]}]}],\"references\":[{\"url\":\"http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}

GSD-2013-5635

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-5635

Aliases

CVE-2013-5635

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-5635",
    "description": "Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously.",
    "id": "GSD-2013-5635"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-5635"
      ],
      "details": "Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously.",
      "id": "GSD-2013-5635",
      "modified": "2023-12-13T01:22:21.545579Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-5635",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt",
            "refsource": "MISC",
            "url": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt"
          },
          {
            "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589",
            "refsource": "CONFIRM",
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.40:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.41:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.50:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.20:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.10:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.30:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-5635"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589"
            },
            {
              "name": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-12-02T16:20Z",
      "publishedDate": "2013-11-30T11:43Z"
    }
  }
}

FKIE_CVE-2013-5635

Vulnerability from fkie_nvd - Published: 2013-11-30 11:43 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt
cve@mitre.org	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk96589	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt
af854a3a-2127-422b-91ae-364da2661108	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk96589	Patch

Impacted products

Vendor	Product	Version
checkpoint	endpoint_security	e80
checkpoint	endpoint_security	e80.10
checkpoint	endpoint_security	e80.20
checkpoint	endpoint_security	e80.30
checkpoint	endpoint_security	e80.40
checkpoint	endpoint_security	e80.41
checkpoint	endpoint_security	e80.50

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e80:-:vpn_blade:*:*:*:*:*",
              "matchCriteriaId": "411DFCC1-0B71-456C-833F-4D423AAE67FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e80.10:-:vpn_blade:*:*:*:*:*",
              "matchCriteriaId": "25E330FE-2BCB-4887-BDF7-5956C3ADA26A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e80.20:-:vpn_blade:*:*:*:*:*",
              "matchCriteriaId": "B562E6A4-65AB-4139-B497-9D3D5BE51E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e80.30:-:vpn_blade:*:*:*:*:*",
              "matchCriteriaId": "5A1E05B2-8FB6-4694-8AE8-24FAEE1C632B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e80.40:-:vpn_blade:*:*:*:*:*",
              "matchCriteriaId": "B5E24572-22FE-442E-B9B1-FBD9BDE6148B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e80.41:-:vpn_blade:*:*:*:*:*",
              "matchCriteriaId": "E62DA812-690D-41D3-9408-49E33379B8F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:endpoint_security:e80.50:-:vpn_blade:*:*:*:*:*",
              "matchCriteriaId": "C467BC8A-E75D-4499-80E6-C813DFDF121C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously."
    },
    {
      "lang": "es",
      "value": "Media Encryption EPM Explorer en Check Point Endpoint Security hasta la versi\u00f3n E80.50 no mantiene adecuadamente el estado de fallos en contrase\u00f1as, lo que hace m\u00e1s sencillo f\u00edsicamente a atacantes pr\u00f3ximos evadir el mecanismo de protecci\u00f3n device-locking mediante la introducci\u00f3n de intentos de contrase\u00f1as dentro de m\u00faltiples procesos Unlock.exe que est\u00e9n siendo ejecutados simult\u00e1neamente."
    }
  ],
  "id": "CVE-2013-5635",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-11-30T11:43:54.570",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201311-0307

Vulnerability from variot - Updated: 2023-12-18 12:58

Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously. Check Point Media Encryption EPM Explorer is prone to a security-bypass vulnerability. An attacker with physical access may be able to exploit this issue to bypass device locking protection and aid in brute-force attacks; other attacks may also be possible. Check Point Endpoint Security Media Encryption E80.41 and E80.50 are vulnerable. This solution combines firewall, network access control, anti-virus, anti-spyware, data security and other functions to ensure that terminal PCs are free from Web-based threats. The vulnerability is caused by the application not properly saving the expiration state of the password. Failed password limit bypass. Risk: Low to Medium Date: 13.Nov.2013 Author: Pedro Andujar

.: [ INTRO ] :.

.: [ TECHNICAL DESCRIPTION ] :.

When accessing an encrypted removable device from a computer without Endpoint Security installed on it, it should contains the files described below:

DVREM.EPM - Encrypted Portable Media (aka the encrypted volume which contains data) Unlock.exe - EPM Explorer (software which allows you to decrypt and access the content)

Despite other scenarios offers better performance (like attacking the EPM directly), less skilled attackers can take advantage of Unlock.exe to attempt to bruteforce the password.

.: [ ISSUE #1 }:.

Name: Multiple Unlock.exe instances Severity: Low CVE: CVE-2013-5635 CWE-372: Incomplete Internal State Distinction

If password policy sets a limit of 5 failed password attempts before device is locked, executing n instances of Unlock.exe at the same time will allow you to get nx5 password attempts (5 for each instance).

Some controls should be applied to prevent multiple EPM explorers being concurrently executed, or at least synchronization regarding the state of failed password attempts.

.: [ ISSUE #2 }:.

Name: Device link not enforced Severity: Low CVE: CVE-2013-5636 CWE-285: Improper Authorization

Unlock.exe contains some restrictions that forces you to store the EPM file in the top of the directory tree, just after a unit letter and coloms (Ex: X:\DVREM.EPM), so it cannot be inside a folder. But this is not enough and still can be extracted from the removable media and be stored in a different drive.

Allowing Unlock.exe to be executed and access EPM stored on a different device/drive, increase the window of time for attackers which can try to access the information without having the originally encrypted device on their hands.

Additionally everytime the EPM is overwrited by a freshcopy of itself, the failed password attempts is reseted, allowing you to try another 5 times, so you can perform infinite attempts.

This charasteristic open some social engineering attack scenarios, like copying the EPM and Unlock.exe before returning a lent device to it's originall owner or just taking it for few seconds when owner is not paying atention.

Ideally EPM file should be associated to the device ID at its creation time, and EPM explorer should check the device ID (or other unique device identifier) to prevent it opening the EPM in a different location.

.: [ CHANGELOG ] :.

16/Dec/2012: - Issue found
25/Aug/2013: - Vendor contacted
26/Aug/2013: - Vendor Ack
11/Nov/2013: - Vendor finished the Fix for Issue #1 - Issue #2 considered not fixeable
14/Nov/2013: - Public Disclosure

.: [ SOLUTIONS ] :.

Check Point offers an improved client for this issue.

Solution ID: sk96589 https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk96589

.: [ REFERENCES ] :

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201311-0307",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "checkpoint",
        "version": "e80.41"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "checkpoint",
        "version": "e80.30"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "checkpoint",
        "version": "e80"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "checkpoint",
        "version": "e80.20"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "checkpoint",
        "version": "e80.10"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "checkpoint",
        "version": "e80.40"
      },
      {
        "model": "endpoint security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "checkpoint",
        "version": "e80.50"
      },
      {
        "model": "endpoint security",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "check point",
        "version": "e80.50"
      },
      {
        "model": "point software endpoint security media encryption e80.50",
        "scope": null,
        "trust": 0.3,
        "vendor": "check",
        "version": null
      },
      {
        "model": "point software endpoint security media encryption e80.41",
        "scope": null,
        "trust": 0.3,
        "vendor": "check",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "64026"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5635"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-478"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.40:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.41:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.50:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.20:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.10:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.30:-:vpn_blade:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5635"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Pedro Andujar",
    "sources": [
      {
        "db": "BID",
        "id": "64026"
      },
      {
        "db": "PACKETSTORM",
        "id": "124019"
      }
    ],
    "trust": 0.4
  },
  "cve": "CVE-2013-5635",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 3.3,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2013-5635",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "VHN-65637",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-5635",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201311-478",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-65637",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65637"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5635"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-478"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously. Check Point Media Encryption EPM Explorer is prone to a security-bypass vulnerability. \nAn attacker with physical access may be able to exploit this issue to bypass device locking protection and aid in brute-force attacks; other attacks may also be possible. \nCheck Point Endpoint Security Media Encryption E80.41 and E80.50 are vulnerable. This solution combines firewall, network access control, anti-virus, anti-spyware, data security and other functions to ensure that terminal PCs are free from Web-based threats. The vulnerability is caused by the application not properly saving the expiration state of the password. Failed password limit bypass. \n    Risk:   Low to Medium\n    Date:   13.Nov.2013\n  Author:   Pedro Andujar\n   \n            \t\n.: [ INTRO ] :. \n\n\n.: [ TECHNICAL DESCRIPTION ] :. \n\nWhen accessing an encrypted removable device from a computer without Endpoint Security installed on it, \nit should contains the files described below:\n\nDVREM.EPM - Encrypted Portable Media (aka the encrypted volume which contains data)\nUnlock.exe - EPM Explorer (software which allows you to decrypt and access the content)\n\nDespite other scenarios offers better performance (like attacking the EPM directly), less skilled attackers \ncan take advantage of Unlock.exe to attempt to bruteforce the password. \n\n\n.: [ ISSUE #1 }:. \n\nName: Multiple Unlock.exe instances \nSeverity: Low\nCVE: CVE-2013-5635\nCWE-372: Incomplete Internal State Distinction\n\nIf password policy sets a limit of 5 failed password attempts before device is locked, executing n instances \nof Unlock.exe at the same time will allow you to get nx5 password attempts (5 for each instance). \n\nSome controls should be applied to prevent multiple EPM explorers being concurrently executed, or at least \nsynchronization regarding the state of failed password attempts. \n\n\n\n.: [ ISSUE #2 }:. \n\nName: Device link not enforced\nSeverity: Low\nCVE: CVE-2013-5636\nCWE-285: Improper Authorization\n\nUnlock.exe contains some restrictions that forces you to store the EPM file in the top of the directory tree,\njust after a unit letter and coloms (Ex: X:\\DVREM.EPM), so it cannot be inside a folder. But this is not enough\nand still can be extracted from the removable media and be stored in a different drive. \n\nAllowing Unlock.exe to be executed and access EPM stored on a different device/drive, increase the window\nof time for attackers which can try to access the information without having the originally encrypted device on \ntheir hands. \n\nAdditionally everytime the EPM is overwrited by a freshcopy of itself, the failed password attempts is reseted,\nallowing you to try another 5 times, so you can perform infinite attempts. \n\nThis charasteristic open some social engineering attack scenarios, like copying the EPM and Unlock.exe before \nreturning a lent device to it\u0027s originall owner or just taking it for few seconds when owner is not paying atention. \n\nIdeally EPM file should be associated to the device ID at its creation time, and EPM explorer should check\nthe device ID (or other unique device identifier) to prevent it opening the EPM in a different location. \n\n\n\n.: [ CHANGELOG ] :. \n\n  * 16/Dec/2012:   - Issue found\n  * 25/Aug/2013:   - Vendor contacted\n  * 26/Aug/2013:   - Vendor Ack\n  * 11/Nov/2013:   - Vendor finished the Fix for Issue #1\n                   - Issue #2 considered not fixeable\n  * 14/Nov/2013:   - Public Disclosure\n\n\n\n.: [ SOLUTIONS ] :. \n\nCheck Point offers an improved client for this issue. \n\nSolution ID: sk96589\nhttps://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589\n\n\n\n.: [ REFERENCES ] :",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5635"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      },
      {
        "db": "BID",
        "id": "64026"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65637"
      },
      {
        "db": "PACKETSTORM",
        "id": "124019"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-5635",
        "trust": 2.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-478",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "64026",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "124019",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-65637",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65637"
      },
      {
        "db": "BID",
        "id": "64026"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      },
      {
        "db": "PACKETSTORM",
        "id": "124019"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5635"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-478"
      }
    ]
  },
  "id": "VAR-201311-0307",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65637"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:58:05.367000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Check Point response to Media Encryption EPM Explorer lockout bypass (sk96589)",
        "trust": 0.8,
        "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk96589"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-255",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65637"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5635"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://www.digitalsec.net/stuff/explt+advs/checkpoint_endpoint_epm_explorer.txt"
      },
      {
        "trust": 2.0,
        "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk96589"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5635"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5635"
      },
      {
        "trust": 0.3,
        "url": "http://www.checkpoint.com/index.html"
      },
      {
        "trust": 0.1,
        "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026amp;solutionid=sk96589"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5635"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5636"
      },
      {
        "trust": 0.1,
        "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsecurityalerts"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.checkpoint.com/dc/download.htm?id=10580"
      },
      {
        "trust": 0.1,
        "url": "http://www.digitalsec.net/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65637"
      },
      {
        "db": "BID",
        "id": "64026"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      },
      {
        "db": "PACKETSTORM",
        "id": "124019"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5635"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-478"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-65637"
      },
      {
        "db": "BID",
        "id": "64026"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      },
      {
        "db": "PACKETSTORM",
        "id": "124019"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5635"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-478"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-11-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65637"
      },
      {
        "date": "2013-11-14T00:00:00",
        "db": "BID",
        "id": "64026"
      },
      {
        "date": "2013-12-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      },
      {
        "date": "2013-11-14T15:55:55",
        "db": "PACKETSTORM",
        "id": "124019"
      },
      {
        "date": "2013-11-30T11:43:54.570000",
        "db": "NVD",
        "id": "CVE-2013-5635"
      },
      {
        "date": "2013-11-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201311-478"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-12-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65637"
      },
      {
        "date": "2013-11-14T00:00:00",
        "db": "BID",
        "id": "64026"
      },
      {
        "date": "2013-12-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      },
      {
        "date": "2013-12-02T16:20:21.507000",
        "db": "NVD",
        "id": "CVE-2013-5635"
      },
      {
        "date": "2013-12-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201311-478"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "64026"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-478"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Check Point Endpoint Security of  Media Encryption EPM Explorer Vulnerabilities that bypass device locking protection mechanisms",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005338"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-478"
      }
    ],
    "trust": 0.6
  }
}

GHSA-P35G-RX4G-5FH5

Vulnerability from github – Published: 2022-05-17 04:56 – Updated: 2022-05-17 04:56

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-5635"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-11-30T11:43:00Z",
    "severity": "LOW"
  },
  "details": "Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously.",
  "id": "GHSA-p35g-rx4g-5fh5",
  "modified": "2022-05-17T04:56:50Z",
  "published": "2022-05-17T04:56:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5635"
    },
    {
      "type": "WEB",
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589"
    },
    {
      "type": "WEB",
      "url": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-5635 (GCVE-0-2013-5635)

GSD-2013-5635

FKIE_CVE-2013-5635

VAR-201311-0307

GHSA-P35G-RX4G-5FH5

Tags

Sightings

Nomenclature