Vulnerability Description
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Checkpoint | Quantum Spark Firmware | r80.40 |
| Checkpoint | Quantum Spark | - |
| Checkpoint | Quantum Security Gateway Firmware | r80.40 |
| Checkpoint | Quantum Security Gateway | - |
| Checkpoint | Cloudguard Network Security | r80.40 |
Related Weaknesses (CWE)
References
- https://support.checkpoint.com/results/sk/sk182336MitigationPatchVendor Advisory
- https://support.checkpoint.com/results/sk/sk182336MitigationPatchVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-US Government Resource
- https://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vuThird Party Advisory
FAQ
What is CVE-2024-24919?
CVE-2024-24919 is a vulnerability with a CVSS score of 8.6 (HIGH). Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Secu...
How severe is CVE-2024-24919?
CVE-2024-24919 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-24919?
Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Quantum Spark Firmware, Checkpoint Quantum Spark, Checkpoint Quantum Security Gateway Firmware, Checkpoint Quantum Security Gateway, Checkpoint Cloudguard Network Security.