Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.
2024-11-07T12:15:24.327
2025-08-26T16:40:18.067
Analyzed
CVSSv3.1: 8.0 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | checkpoint | gaia_os | r81 | Yes |
| Operating System | checkpoint | gaia_os | r81.10 | Yes |
| Operating System | checkpoint | gaia_os | r81.20 | Yes |
| Hardware | checkpoint | clusterxl | - | No |
| Hardware | checkpoint | multi-domain_management | - | No |
| Hardware | checkpoint | quantum_6700 | - | No |
| Hardware | checkpoint | quantum_maestro | - | No |
| Hardware | checkpoint | quantum_scalable_chassis | - | No |
| Hardware | checkpoint | quantum_security_gateway | - | No |
| Hardware | checkpoint | quantum_security_management | - | No |
| Hardware | checkpoint | quantum_spark | - | No |