Firewall Proxy Bypass Vulnerability in Check Point Firewall-1 Products
CVE-2002-2405

Currently unrated

Key Information:

Vendor
Checkpoint
Vendor
CVE Published:
31 December 2002

Summary

Check Point Firewall-1 versions 4.1 and Next Generation (NG) exhibit a serious vulnerability when UserAuth is configured to proxy HTTP traffic only. This flaw allows remote attackers to bypass the configured firewall, enabling unauthorized traffic such as HTTPS and FTP to traverse the firewall undetected. Organizations using these versions should review their proxy settings and implement necessary precautions to safeguard against potential exploitation.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.