Cross-Site Request Forgery in Check Point VPN-1 Edge Management Interface
CVE-2007-3489

Currently unrated

Key Information:

Vendor

Checkpoint
Status
Vpn-1 Utm Edge
Vendor
CVE Published:
29 June 2007

What is CVE-2007-3489?

A Cross-Site Request Forgery (CSRF) vulnerability exists in the management interface of Check Point VPN-1 Edge NGX 7.0.33x. This security flaw enables remote attackers to carry out unauthorized privileged actions as administrators. Specifically, a malicious request can be constructed using the swuuser and swupass parameters to add an administrator account without any logout capabilities in the management interface, making it susceptible to persistent exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/35103
vdb-entryx_refsource_XF
http://osvdb.org/37645
vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2007/2363
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.