CVE-2007-0471

Name of the Vulnerable Software and Affected Versions Check Point Connectra NGX R62 versions 3.x and earlier before Security Hotfix 5 Check Point VPN-1 NGX R62 (affected versions not specified)

Description The issue allows remote attackers to bypass security requirements. This is achieved by sending a crafted Report parameter to the sre/params.php file in the Integrity Clientless Security (ICS) component, which then returns a valid ICSCookie authentication token.

Recommendations For Check Point Connectra NGX R62 versions 3.x and earlier, apply Security Hotfix 5 to resolve the issue. For Check Point VPN-1 NGX R62, at the moment, there is no information about a newer version that contains a fix for this vulnerability.