Описание
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials.
Ссылки
- Not Applicable
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Permissions Required
- Not Applicable
- Not Applicable
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Permissions Required
- Not Applicable
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:checkpoint:vpn-1_secureclient:ngai_r56:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:vpn-1_secureclient:ngx_r60:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.0004
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 7.8
github
почти 4 года назад
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials.
EPSS
Процентиль: 12%
0.0004
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732