Check Point · Check Point Vpn-1 Ngx R62 · CVE-2007-0471
**Name of the Vulnerable Software and Affected Versions**
Check Point Connectra NGX R62 versions 3.x and earlier before Security Hotfix 5
Check Point VPN-1 NGX R62 (affected versions not specified)
**Description**
The issue allows remote attackers to bypass security requirements. This is achieved by sending a crafted Report parameter to the sre/params.php file in the Integrity Clientless Security (ICS) component, which then returns a valid ICSCookie authentication token.
**Recommendations**
For Check Point Connectra NGX R62 versions 3.x and earlier, apply Security Hotfix 5 to resolve the issue.
For Check Point VPN-1 NGX R62, at the moment, there is no information about a newer version that contains a fix for this vulnerability.