Details of VAR-202011-1465

ID

VAR-202011-1465

CVE

CVE-2020-6015

TITLE

Windows for Check Point Endpoint Security Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-013224

DESCRIPTION

Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations

Trust: 1.71

sources: NVD: CVE-2020-6015 // JVNDB: JVNDB-2020-013224 // VULHUB: VHN-184140

AFFECTED PRODUCTS

vendor:	checkpoint	model:	endpoint security	scope:	eq	version:	e84.10	Trust: 1.0
vendor:	チェックポイントソフトウェアテクノロジーズ	model:	endpoint security	scope:	eq	version:	-	Trust: 0.8
vendor:	チェックポイントソフトウェアテクノロジーズ	model:	endpoint security	scope:	eq	version:	e84.10	Trust: 0.8

sources: JVNDB: JVNDB-2020-013224 // NVD: CVE-2020-6015

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-6015
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-6015
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202011-239
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-184140
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2020-6015
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-184140
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-6015
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2020-6015
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-184140 // JVNDB: JVNDB-2020-013224 // CNNVD: CNNVD-202011-239 // NVD: CVE-2020-6015

PROBLEMTYPE DATA

problemtype:	CWE-59	Trust: 1.0
problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-013224 // NVD: CVE-2020-6015

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202011-239

TYPE

post link

Trust: 0.6

sources: CNNVD: CNNVD-202011-239

PATCH

title:	sk170117	url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk170117	Trust: 0.8
title:	Check Point Endpoint Security Post-link vulnerability fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=132710	Trust: 0.6

sources: JVNDB: JVNDB-2020-013224 // CNNVD: CNNVD-202011-239

EXTERNAL IDS

db:	NVD	id:	CVE-2020-6015	Trust: 2.5
db:	JVNDB	id:	JVNDB-2020-013224	Trust: 0.8
db:	CNNVD	id:	CNNVD-202011-239	Trust: 0.7
db:	CNVD	id:	CNVD-2020-64755	Trust: 0.1
db:	VULHUB	id:	VHN-184140	Trust: 0.1

sources: VULHUB: VHN-184140 // JVNDB: JVNDB-2020-013224 // CNNVD: CNNVD-202011-239 // NVD: CVE-2020-6015

REFERENCES

url:	https://supportcontent.checkpoint.com/solutions?id=sk170117	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-6015	Trust: 1.4
url:	https://vigilance.fr/vulnerability/check-point-endpoint-security-client-for-windows-vulnerability-33777	Trust: 0.6

sources: VULHUB: VHN-184140 // JVNDB: JVNDB-2020-013224 // CNNVD: CNNVD-202011-239 // NVD: CVE-2020-6015

SOURCES

db:	VULHUB	id:	VHN-184140
db:	JVNDB	id:	JVNDB-2020-013224
db:	CNNVD	id:	CNNVD-202011-239
db:	NVD	id:	CVE-2020-6015

LAST UPDATE DATE

2024-11-23T22:37:11.840000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-184140	date:	2020-11-17T00:00:00
db:	JVNDB	id:	JVNDB-2020-013224	date:	2021-06-22T04:44:00
db:	CNNVD	id:	CNNVD-202011-239	date:	2020-11-24T00:00:00
db:	NVD	id:	CVE-2020-6015	date:	2024-11-21T05:34:59.153

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-184140	date:	2020-11-05T00:00:00
db:	JVNDB	id:	JVNDB-2020-013224	date:	2021-06-22T00:00:00
db:	CNNVD	id:	CNNVD-202011-239	date:	2020-11-03T00:00:00
db:	NVD	id:	CVE-2020-6015	date:	2020-11-05T20:15:18.037