CVE-2024-24911 — MEDIUM (5.3)

Vulnerability Description

In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Checkpoint	Gaia Os	r81
Checkpoint	Multi-Domain Management	-
Checkpoint	Quantum Security Management	-

Related Weaknesses (CWE)

CWE-125

References

https://support.checkpoint.com/results/sk/sk183101Vendor Advisory

FAQ

What is CVE-2024-24911?

CVE-2024-24911 is a vulnerability with a CVSS score of 5.3 (MEDIUM). In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivi...

How severe is CVE-2024-24911?

CVE-2024-24911 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-24911?

Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Gaia Os, Checkpoint Multi-Domain Management, Checkpoint Quantum Security Management.