CVE-2021-30357 — MEDIUM (5.3)

Vulnerability Description

SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the configuration file supplied, which allows partially disclosing files to which the user did not have access.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Checkpoint	Ssl Network Extender	r80.10

Related Weaknesses (CWE)

CWE-209

References

https://supportcontent.checkpoint.com/solutions?id=sk173513Vendor Advisory
https://supportcontent.checkpoint.com/solutions?id=sk173513Vendor Advisory

FAQ

What is CVE-2021-30357?

CVE-2021-30357 is a vulnerability with a CVSS score of 5.3 (MEDIUM). SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the configuration file supplied, which allows partially disclosing files to which the user did not have acc...

How severe is CVE-2021-30357?

CVE-2021-30357 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-30357?

Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Ssl Network Extender.