Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.
2004-12-31T05:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.8 (HIGH)
AV:N/AC:L/Au:N/C:C/I:N/A:N
10.0
6.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | checkpoint | firewall-1 | 4.0 | Yes |
Application | checkpoint | firewall-1 | 4.0 | Yes |
Application | checkpoint | firewall-1 | 4.0 | Yes |
Application | checkpoint | firewall-1 | 4.0 | Yes |
Application | checkpoint | firewall-1 | 4.0 | Yes |
Application | checkpoint | firewall-1 | 4.0 | Yes |
Application | checkpoint | firewall-1 | 4.0 | Yes |
Application | checkpoint | firewall-1 | 4.0 | Yes |
Application | checkpoint | firewall-1 | 4.0 | Yes |
Application | checkpoint | firewall-1 | 4.1 | Yes |
Application | checkpoint | firewall-1 | 4.1 | Yes |
Application | checkpoint | firewall-1 | 4.1 | Yes |
Application | checkpoint | firewall-1 | 4.1 | Yes |
Application | checkpoint | firewall-1 | 4.1 | Yes |
Application | checkpoint | firewall-1 | 4.1 | Yes |
Application | checkpoint | firewall-1 | 4.1 | Yes |
Application | checkpoint | firewall-1 | 4.1 | Yes |
Application | checkpoint | firewall-1 | r55 | Yes |