CVE-2008-0662

7.8HIGH

Key Information

Vendor: Checkpoint
Status: Vpn-1 Secureclient
Vendor: CVE Published:; 8 February 2008

Summary

The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials.

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Feb 8, 2008
Vulnerability Reserved.
Feb 7, 2008

Collectors

NVD DatabaseMitre Database