Firewall Proxy Bypass Vulnerability in Check Point Firewall-1 Products
CVE-2002-2405
Currently unrated
Summary
Check Point Firewall-1 versions 4.1 and Next Generation (NG) exhibit a serious vulnerability when UserAuth is configured to proxy HTTP traffic only. This flaw allows remote attackers to bypass the configured firewall, enabling unauthorized traffic such as HTTPS and FTP to traverse the firewall undetected. Organizations using these versions should review their proxy settings and implement necessary precautions to safeguard against potential exploitation.
References
Timeline
Vulnerability Reserved
Vulnerability published