PT-2020-18895 · Check Point · Check Point Security Management
Mikhail Klyuchnikov +1 · Published 2020-09-24 · Updated 2022-11-16 · CVE-2020-6020
CVSS v2.0: 7.4 (High)
Vector: AV:A/AC:L/Au:S/C:C/I:C/A:P
Name of the Vulnerable Software and Affected Versions
Check Point Security Management versions prior to R80.10 Take 278
Check Point Security Management versions prior to R80.20 Take 160
Check Point Security Management versions prior to R80.30 Take 210
Check Point Security Management versions prior to R80.40 Take 38
Description
The issue stems from weak validation of input supplied by a trusted management administrator in Check Point Security Management's Internal CA web management. This weakness can be exploited to run commands as a high-privileged user or to crash the system.
Recommendations
For versions prior to R80.10 Take 278, update to R80.10 Take 278 or later.
For versions prior to R80.20 Take 160, update to R80.20 Take 160 or later.
For versions prior to R80.30 Take 210, update to R80.30 Take 210 or later.
For versions prior to R80.40 Take 38, update to R80.40 Take 38 or later.
Fix
RCE
Affected Products
Check Point Security Management