CVE-2014-8951 - Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck

CVE-2014-8951

Summary

Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck is enabled and the (1) Application Control, (2) URL Filtering, (3) DLP, (4) Threat Emulation, (5) Anti-Bot, or (6) Anti-Virus blade is used, allows remote attackers to cause a denial of service (fwk0 process crash, core dump, and restart) via a redirect to the UserCheck page.

References

Vulnerable Configurations

cpe:2.3:a:checkpoint:security_gateway:r75:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:security_gateway:r75:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:security_gateway:r76:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:security_gateway:r76:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:security_gateway:r77:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:security_gateway:r77:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:security_gateway:r77.10:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:security_gateway:r77.10:*:*:*:*:*:*:*

CVSS

Base:	7.1 (as of 08-09-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:C

refmap via4

bid	67993
confirm	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100505
secunia	58487
xf	security-gateway-cve20148951-dos(98761)

Last major update

08-09-2017 - 01:29

Published

16-11-2014 - 17:59

Last modified

08-09-2017 - 01:29