Anti-Spoofing Bypass Vulnerability in Check Point R75.47 Security Gateway and Management Server
CVE-2014-1672

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Management Server; Security Gateway
Vendor: CVE Published:; 26 January 2014

Summary

A vulnerability exists in Check Point R75.47 Security Gateway and Management Server due to improper enforcement of anti-spoofing mechanisms when the routing table is modified. This flaw allows attackers to manipulate access controls, potentially enabling them to bypass intended restrictions and gain unauthorized access. The issue arises particularly when the 'Get - Interfaces with Topology' action is executed, creating a significant risk for network security. Organizations using this product should ensure timely updates and implement additional security measures to mitigate potential exploitation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90976

vdb-entryx_refsource_XF

https://supportcenter.checkpoint.com/supportcenter/portal...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 26, 2014
Vulnerability Reserved
Jan 25, 2014