IKE Protocol Vulnerability in Check Point FireWall-1
CVE-2002-1623
Currently unrated
Summary
When the Internet Key Exchange (IKE) protocol is configured to use Aggressive Mode with shared secret authentication, it has a significant design flaw: the identities of the initiator and the responder are not encrypted during negotiation. Remote attackers can use this to determine valid usernames, either by monitoring responses before the password is entered or by sniffing traffic. As a result, users may be exposed to unauthorized access through this weakness in the authentication mechanism, particularly in Check Point's FireWall-1 SecuRemote.
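For auditing captures of your own VPN gateway, the following added example (not part of the original advisory) parses an IKEv1 message from UDP port 500 and reports whether it is an Aggressive Mode exchange carrying a cleartext Identification payload. The header layout and constants follow RFC 2408 and RFC 2409; the function names and the sample message are constructed for illustration.

```python
import struct

# ISAKMP constants (RFC 2408 / RFC 2409)
EXCH_AGGRESSIVE = 4        # exchange type 2 is Main Mode (Identity Protection)
FLAG_ENCRYPTED = 0x01      # set when the payloads after the header are encrypted
PAYLOAD_ID = 5             # Identification payload
ID_TYPES = {1: "IPV4_ADDR", 2: "FQDN", 3: "USER_FQDN", 11: "KEY_ID"}

def audit_isakmp(datagram: bytes) -> dict:
    """Flag Aggressive Mode messages and list any identities readable in cleartext."""
    if len(datagram) < 28:
        raise ValueError("shorter than the 28-byte ISAKMP header")
    # Bytes 0-15 are the two cookies; the fields of interest start at offset 16.
    next_payload, version, exch, flags = struct.unpack_from("!BBBB", datagram, 16)
    total_len = struct.unpack_from("!I", datagram, 24)[0]
    result = {"aggressive": exch == EXCH_AGGRESSIVE,
              "encrypted": bool(flags & FLAG_ENCRYPTED), "identities": []}
    if result["encrypted"] or version >> 4 != 1:
        return result                      # payloads unreadable, or not IKEv1
    offset, end = 28, min(total_len, len(datagram))
    while next_payload and offset + 4 <= end:
        # Generic payload header: next payload, reserved, payload length
        following, _, plen = struct.unpack_from("!BBH", datagram, offset)
        if plen < 4 or offset + plen > end:
            break                          # malformed chain, stop walking
        if next_payload == PAYLOAD_ID and plen >= 8:
            id_type = datagram[offset + 4]
            data = datagram[offset + 8:offset + plen]
            text = data.decode("ascii", "replace") if id_type in (2, 3) else data.hex()
            result["identities"].append((ID_TYPES.get(id_type, str(id_type)), text))
        next_payload, offset = following, offset + plen
    return result

def _payload(next_type: int, body: bytes) -> bytes:
    return struct.pack("!BBH", next_type, 0, 4 + len(body)) + body

def build_sample(exch: int, flags: int, ident: bytes) -> bytes:
    """Constructed test message: stub SA payload, then a USER_FQDN ID payload."""
    body = (_payload(PAYLOAD_ID, b"\x00" * 8)                  # stub SA, next = ID
            + _payload(0, bytes([3, 17, 1, 244]) + ident))     # type 3, UDP, port 500
    header = (b"\x11" * 8 + b"\x00" * 8
              + struct.pack("!BBBBII", 1, 0x10, exch, flags, 0, 28 + len(body)))
    return header + body

if __name__ == "__main__":
    print(audit_isakmp(build_sample(EXCH_AGGRESSIVE, 0, b"alice@example.test")))
```

A message with `aggressive` set and a non-empty `identities` list marks a peer that should be moved to Main Mode or to certificate-based authentication.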
EPSS Score
78% chance of being exploited in the next 30 days.