CVE-2020-6020

6.4MEDIUM

Key Information

Vendor: Checkpoint
Status: Ica Management Portal
Vendor: CVE Published:; 24 September 2020

Summary

Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator.

Affected Version(s)

ICA Management Portal = before JHFs R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Sep 24, 2020
Vulnerability Reserved.
Jan 7, 2020

Collectors

NVD DatabaseMitre Database