CVE-2019-8456

EPSS 1.77%
Published 09.04.2019 21:29:03
Last modified 21.11.2024 04:49:56
Source cve@checkpoint.com
Teams watchlist Login
Open Login

Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Checkpoint ≫ Ipsec Vpn Versionr80.10

Checkpoint ≫ Ipsec Vpn Versionr80.20

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.77%	0.81

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk149892

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-8456

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-8456

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-8456

EUVD