IKE Protocol Vulnerability in Check Point FireWall-1
CVE-2002-1623

Currently unrated

Key Information:

Vendor
Checkpoint
Vendor
CVE Published:
31 December 2002

Summary

The Internet Key Exchange (IKE) protocol, when configured to use Aggressive Mode for shared secret authentication, has a significant design flaw. It fails to encrypt the identities of both initiator and responder during the negotiation process. This oversight can enable remote attackers to ascertain valid usernames. Attackers can exploit this by either monitoring responses prior to the password input or by intercepting traffic through sniffing techniques. As a result, users may be vulnerable to unauthorized access due to this security lapse in the authentication mechanism, particularly in Check Point's FireWall-1 SecuRemote.

References

EPSS Score

78% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.