Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-24919

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

Published

2024-05-28T19:15:10.060

Last Modified

2025-01-27T21:42:18.743

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-200
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	checkpoint	quantum_security_gateway_firmware	r80.40	Yes
Hardware	checkpoint	quantum_security_gateway	-	No
Application	checkpoint	cloudguard_network_security	r80.40	Yes
Application	checkpoint	cloudguard_network_security	r81.0	Yes
Application	checkpoint	cloudguard_network_security	r81.10	Yes
Application	checkpoint	cloudguard_network_security	r81.20	Yes
Operating System	checkpoint	quantum_security_gateway_firmware	r81.20	Yes
Hardware	checkpoint	quantum_security_gateway	-	No
Operating System	checkpoint	quantum_security_gateway_firmware	r81.10	Yes
Hardware	checkpoint	quantum_security_gateway	-	No
Operating System	checkpoint	quantum_security_gateway_firmware	r81.0	Yes
Hardware	checkpoint	quantum_security_gateway	-	No
Operating System	checkpoint	quantum_spark_firmware	r81.10	Yes
Hardware	checkpoint	quantum_spark	-	No
Operating System	checkpoint	quantum_spark_firmware	r80.20	Yes
Hardware	checkpoint	quantum_spark	-	No

References

https://support.checkpoint.com/results/sk/sk182336 Mitigation, Patch, Vendor Advisory ([email protected])
https://support.checkpoint.com/results/sk/sk182336 Mitigation, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)