Vulnerability Description
Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Checkpoint | Vpn-1 | 4.1 |
References
- http://www.osvdb.org/20210
- http://www.securityfocus.com/archive/1/222366
- http://www.securityfocus.com/archive/1/222479
- http://www.securityfocus.com/bid/3470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7343
- http://www.osvdb.org/20210
- http://www.securityfocus.com/archive/1/222366
- http://www.securityfocus.com/archive/1/222479
- http://www.securityfocus.com/bid/3470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7343
FAQ
What is CVE-2001-1499?
CVE-2001-1499 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier ...
How severe is CVE-2001-1499?
CVE-2001-1499 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1499?
Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Vpn-1.