Описание
Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:checkpoint:gaia_os:r81:*:*:*:*:*:*:*
cpe:2.3:o:checkpoint:gaia_os:r81.10:*:*:*:*:*:*:*
cpe:2.3:o:checkpoint:gaia_os:r81.20:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:checkpoint:clusterxl:-:*:*:*:*:*:*:*
cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:*
cpe:2.3:h:checkpoint:quantum_6700:-:*:*:*:*:*:*:*
cpe:2.3:h:checkpoint:quantum_maestro:-:*:*:*:*:*:*:*
cpe:2.3:h:checkpoint:quantum_scalable_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*
cpe:2.3:h:checkpoint:quantum_security_management:-:*:*:*:*:*:*:*
cpe:2.3:h:checkpoint:quantum_spark:-:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00229
Низкий
8 High
CVSS3
Дефекты
CWE-914
Связанные уязвимости
CVSS3: 8
github
около 1 года назад
Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.
EPSS
Процентиль: 46%
0.00229
Низкий
8 High
CVSS3
Дефекты
CWE-914