Cross-Site Scripting Vulnerability in Check Point SNX Product
CVE-2024-52887

3.5LOW

Key Information:

Vendor: Checkpoint
Status: Check Point Mobile Access
Vendor: CVE Published:; 27 April 2025

Summary

An authenticated user of the Check Point SNX product may create a specially crafted bookmark capable of executing arbitrary scripts in their browser. This can lead to unauthorized actions or data exposure and highlights the need for robust input validation and user permissions to mitigate associated risks. This vulnerability emphasizes the importance of secure coding practices and user awareness to prevent exploitation.

Affected Version(s)

Check Point Mobile Access Check Point Mobile Access versions R81.10, R81.20, R82

References

https://support.checkpoint.com/results/sk/sk183054

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 27, 2025
Vulnerability Reserved
Nov 17, 2024