Weak Input Validation in Check Point Security Management Web Interface
CVE-2020-6020

6.4MEDIUM

Key Information:

Vendor: Checkpoint
Status: Ica Management Portal
Vendor: CVE Published:; 24 September 2020

What is CVE-2020-6020?

The Check Point Security Management's Internal CA web management interface is susceptible to a weakness that allows unauthorized command execution or crashes. This vulnerability arises from inadequate input validation of commands issued by trusted management administrators. Attackers can exploit this flaw to perform actions with high privileges, potentially compromising the security of the management environment. Proper input sanitization measures are essential to mitigate such risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ICA Management Portal before JHFs R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38

References

https://supportcontent.checkpoint.com/solutions?id=sk142952

x_refsource_MISC

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 24, 2020
Vulnerability Reserved
Jan 7, 2020

JSON

Checkpoint

What is CVE-2020-6020?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.