CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24911 – Out of Bounds read in the CPCA process on Check Point Management Server
https://notcve.org/view.php?id=CVE-2024-24911
06 Feb 2025 — In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache. • https://support.checkpoint.com/results/sk/sk183101 • CWE-125: Out-of-bounds Read •
CVSS: 8.0EPSS: 0%CPEs: 10EXPL: 0CVE-2024-24914
https://notcve.org/view.php?id=CVE-2024-24914
07 Nov 2024 — Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available. • https://support.checkpoint.com/results/sk/sk182743 • CWE-914: Improper Control of Dynamically-Identified Variables •
CVSS: 6.9EPSS: 6%CPEs: 5EXPL: 0CVE-2021-30361
https://notcve.org/view.php?id=CVE-2021-30361
11 May 2022 — The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS. Los Clientes GUI del Portal Gaia de Check Point permitían a administradores autenticados con permiso para la configuración de los Clientes GUI inyectar un comando que sería ejecutado en el Sistema Operativo Gaia • https://supportcontent.checkpoint.com/solutions?id=sk179128 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.9EPSS: 13%CPEs: 205EXPL: 1CVE-2021-3449 – NULL pointer deref in signature_algorithms processing
https://notcve.org/view.php?id=CVE-2021-3449
25 Mar 2021 — An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS c... • https://github.com/riptl/cve-2021-3449 • CWE-476: NULL Pointer Dereference •