CVE-2014-8951

Severity Score

7.1

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck is enabled and the (1) Application Control, (2) URL Filtering, (3) DLP, (4) Threat Emulation, (5) Anti-Bot, or (6) Anti-Virus blade is used, allows remote attackers to cause a denial of service (fwk0 process crash, core dump, and restart) via a redirect to the UserCheck page.

Una vulnerabilidad sin especificar en Check Point Security Gateway R75, R76, R77, y R77.10, cuando el UserCheck está activado y (1) Application Control, (2) URL Filtering, (3) DLP, (4) Threat Emulation, (5) Anti-Bot, o (6) Anti-Virus blade está en uso, permite a atacantes remotos provocar una denegación de servicio (caída del proceso fwk0, volcado de memoria y reinicio) a través de una redirección a la página de UserCheck.

*Credits: N/A

CVSS Scores

NISTv2 7.1

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-11-16 CVE Reserved
2014-11-16 CVE Published
2023-03-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (4)

URL	Tag	Source
http://secunia.com/advisories/58487	Third Party Advisory
http://www.securityfocus.com/bid/67993	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/98761	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100505	2017-09-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Checkpoint Search vendor "Checkpoint"		Security Gateway Search vendor "Checkpoint" for product "Security Gateway"				r75 Search vendor "Checkpoint" for product "Security Gateway" and version "r75"		-		Affected
Checkpoint Search vendor "Checkpoint"		Security Gateway Search vendor "Checkpoint" for product "Security Gateway"				r76 Search vendor "Checkpoint" for product "Security Gateway" and version "r76"		-		Affected
Checkpoint Search vendor "Checkpoint"		Security Gateway Search vendor "Checkpoint" for product "Security Gateway"				r77 Search vendor "Checkpoint" for product "Security Gateway" and version "r77"		-		Affected
Checkpoint Search vendor "Checkpoint"		Security Gateway Search vendor "Checkpoint" for product "Security Gateway"				r77.10 Search vendor "Checkpoint" for product "Security Gateway" and version "r77.10"		-		Affected