← Retour aux CVEs
CVE-2024-24919
HIGHCISA KEV8.6
Description
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Details CVE
Score CVSS v3.18.6
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie5/28/2024
Derniere modification10/24/2025
Sourcekev
Observations honeypot0
CISA KEV
FournisseurCheck Point
ProduitQuantum Security Gateways
Nom vulnerabiliteCheck Point Quantum Security Gateways Information Disclosure Vulnerability
Date ajout KEV2024-05-30
Date limite remediation2024-06-20
Utilise dans ransomwareKnown
Produits affectes
checkpoint:cloudguard_network_securitycheckpoint:quantum_security_gatewaycheckpoint:quantum_security_gateway_firmwarecheckpoint:quantum_sparkcheckpoint:quantum_spark_firmware
Faiblesses (CWE)
CWE-200
References
https://support.checkpoint.com/results/sk/sk182336(cve@checkpoint.com)
https://support.checkpoint.com/results/sk/sk182336(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-24919(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vulnerability-cve-2024-24919/(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.