CVE-2024-24919

HIGHCISA KEV

8.6

Beschreibung

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

CVE Details

CVSS v3.1 Bewertung8.6

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht5/28/2024

Zuletzt geandert10/24/2025

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerCheck Point

ProduktQuantum Security Gateways

SchwachstellennameCheck Point Quantum Security Gateways Information Disclosure Vulnerability

KEV Aufnahmedatum2024-05-30

Behebungsfrist2024-06-20

Ransomware-NutzungKnown

Betroffene Produkte

checkpoint:cloudguard_network_securitycheckpoint:quantum_security_gatewaycheckpoint:quantum_security_gateway_firmwarecheckpoint:quantum_sparkcheckpoint:quantum_spark_firmware

Schwachen (CWE)

CWE-200

Referenzen

https://support.checkpoint.com/results/sk/sk182336(cve@checkpoint.com)

https://support.checkpoint.com/results/sk/sk182336(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-24919(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vulnerability-cve-2024-24919/(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.