CVE CVE

CVE-2024-24919

CISA Known Exploited Vulnerability (KEV)

Check Point Quantum Security Gateways Information Disclosure Vulnerability

May 30, 2024

June 20, 2024

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

Weakness Enumeration

CWE-ID CWE Name

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor

Details

Source:
NVD
Published:
Updated:

Risk information

CVSS v3

Base score:
8.6
Severity:

HIGH

Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVSS v2

Not defined