Sign-up

ID

VAR-190001-0977


TITLE

Check Point UTM-1 Edge and Safe Multiple Security Vulnerabilities

Trust: 0.9

sources: BID: 50189 // CNNVD: CNNVD-201110-497

DESCRIPTION

Check Point UTM-1 Edge and Safe is a security device for small and medium-sized businesses. The WebUI provided by UTM-1 Edge and Safe@Office has multiple security vulnerabilities, allowing attackers to perform cross-site scripting, cross-site request forgery, information disclosure, and offline site redirection. Multiple cross-site scripting vulnerabilities 2. Multiple HTML-injection vulnerabilities 3. Multiple URI-redirection vulnerabilities 5. An information-disclosure vulnerability An attacker may leverage these issues to access sensitive information, redirect an unsuspecting victim to an attacker-controlled site, or steal cookie-based authentication credentials, to perform unauthorized actions in the context of a user's session

Trust: 0.81

sources: CNVD: CNVD-2011-4348 // BID: 50189

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2011-4348

AFFECTED PRODUCTS

vendor:checkmodel:point software utm-1 edgescope:eqversion:8.2.43

Trust: 0.9

vendor:checkmodel:point software safescope:eqversion:8.2.43

Trust: 0.9

vendor:checkmodel:point software utm-1 edgescope:neversion:8.2.44

Trust: 0.3

vendor:checkmodel:point software safescope:neversion:8.2.44

Trust: 0.3

sources: CNVD: CNVD-2011-4348 // BID: 50189

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201110-497

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201110-497

PATCH

title:Check Point UTM-1 Edge and Safe have multiple patches for unknown vulnerabilitiesurl:https://www.cnvd.org.cn/patchinfo/show/5533

Trust: 0.6

sources: CNVD: CNVD-2011-4348

EXTERNAL IDS

db:BIDid:50189

Trust: 1.5

db:CNVDid:CNVD-2011-4348

Trust: 0.6

db:CNNVDid:CNNVD-201110-497

Trust: 0.6

sources: CNVD: CNVD-2011-4348 // BID: 50189 // CNNVD: CNNVD-201110-497

REFERENCES

url:https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk65460&src=securityalerts

Trust: 0.9

url:http://www.securityfocus.com/bid/50189

Trust: 0.6

url:http://www.checkpoint.com

Trust: 0.3

sources: CNVD: CNVD-2011-4348 // BID: 50189 // CNNVD: CNNVD-201110-497

CREDITS

Richard Brain

Trust: 0.9

sources: BID: 50189 // CNNVD: CNNVD-201110-497

SOURCES

db:CNVDid:CNVD-2011-4348
db:BIDid:50189
db:CNNVDid:CNNVD-201110-497

LAST UPDATE DATE

2022-05-17T02:12:13.495000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-4348date:2011-10-20T00:00:00
db:BIDid:50189date:2012-11-02T19:20:00
db:CNNVDid:CNNVD-201110-497date:2011-10-20T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2011-4348date:2011-10-20T00:00:00
db:BIDid:50189date:2011-10-18T00:00:00
db:CNNVDid:CNNVD-201110-497date:1900-01-01T00:00:00