Sign-up

ID

VAR-201401-0431


CVE

CVE-2014-1673


TITLE

Check Point Session Authentication Agent Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2014-001263

DESCRIPTION

Check Point Session Authentication Agent allows remote attackers to obtain sensitive information (user credentials) via unspecified vectors. Founded in 1993, Check Point Software Technologies is headquartered in Redwood City, Calif., and is the world's leading provider of Internet security solutions, leading the global enterprise firewall, personal firewall and virtual private network (VPN) markets

Trust: 2.61

sources: NVD: CVE-2014-1673 // JVNDB: JVNDB-2014-001263 // CNVD: CNVD-2014-00888 // BID: 65154 // VULHUB: VHN-69612 // VULMON: CVE-2014-1673

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-00888

AFFECTED PRODUCTS

vendor:checkpointmodel:session authentication agentscope:eqversion: -

Trust: 1.6

vendor:check pointmodel:session authentication agentscope: - version: -

Trust: 0.8

vendor:check pointmodel:security gateway r77scope: - version: -

Trust: 0.6

vendor:checkmodel:point software check point security gateway r77scope: - version: -

Trust: 0.3

sources: CNVD: CNVD-2014-00888 // BID: 65154 // JVNDB: JVNDB-2014-001263 // CNNVD: CNNVD-201401-542 // NVD: CVE-2014-1673

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-1673
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-1673
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-00888
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201401-542
value: MEDIUM

Trust: 0.6

VULHUB: VHN-69612
value: MEDIUM

Trust: 0.1

VULMON: CVE-2014-1673
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-1673
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2014-00888
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-69612
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-00888 // VULHUB: VHN-69612 // VULMON: CVE-2014-1673 // JVNDB: JVNDB-2014-001263 // CNNVD: CNNVD-201401-542 // NVD: CVE-2014-1673

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-1673

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201401-542

TYPE

Design Error

Trust: 0.3

sources: BID: 65154

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-001263

PATCH
title:Check Point response to Session Authentication Agent vulnerabilityurl:https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk98263
Trust: 0.8
title:Patch for the Check Point Security Gateway Remote Information Disclosure Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/43454
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-00888 // 
            
            
            
            JVNDB: JVNDB-2014-001263

EXTERNAL IDS
db:NVDid:CVE-2014-1673
Trust: 3.6
db:OSVDBid:102418
Trust: 2.4
db:PACKETSTORMid:124967
Trust: 1.3
db:BIDid:65154
Trust: 1.0
db:JVNDBid:JVNDB-2014-001263
Trust: 0.8
db:CNNVDid:CNNVD-201401-542
Trust: 0.7
db:CNVDid:CNVD-2014-00888
Trust: 0.6
db:VULHUBid:VHN-69612
Trust: 0.1
db:VULMONid:CVE-2014-1673
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-00888 // 
            
            
            
            VULHUB: VHN-69612 // 
            
            
            
            VULMON: CVE-2014-1673 // 
            
            
            
            BID: 65154 // 
            
            
            
            JVNDB: JVNDB-2014-001263 // 
            
            
            
            PACKETSTORM: 124967 // 
            
            
            
            CNNVD: CNNVD-201401-542 // 
            
            
            
            NVD: CVE-2014-1673

REFERENCES
url:http://osvdb.org/102418
Trust: 2.4
url:https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk98263
Trust: 2.0
url:http://seclists.org/fulldisclosure/2014/jan/185
Trust: 1.2
url:http://packetstormsecurity.com/files/124967
Trust: 1.2
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/90746
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1673
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1673
Trust: 0.8
url:http://www.securityfocus.com/bid/65154
Trust: 0.6
url:http://www.checkpoint.com/index.html
Trust: 0.3
url:https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk98263
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-1673
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-00888 // 
            
            
            
            VULHUB: VHN-69612 // 
            
            
            
            VULMON: CVE-2014-1673 // 
            
            
            
            BID: 65154 // 
            
            
            
            JVNDB: JVNDB-2014-001263 // 
            
            
            
            PACKETSTORM: 124967 // 
            
            
            
            CNNVD: CNNVD-201401-542 // 
            
            
            
            NVD: CVE-2014-1673

CREDITS
Jakub Jozwiak
Trust: 0.4
sources:
            
            
            BID: 65154 // 
            
            
            
            PACKETSTORM: 124967

SOURCES
db:CNVDid:CNVD-2014-00888
db:VULHUBid:VHN-69612
db:VULMONid:CVE-2014-1673
db:BIDid:65154
db:JVNDBid:JVNDB-2014-001263
db:PACKETSTORMid:124967
db:CNNVDid:CNNVD-201401-542
db:NVDid:CVE-2014-1673

LAST UPDATE DATE
2025-04-11T22:48:23.578000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-00888date:2014-02-20T00:00:00
db:VULHUBid:VHN-69612date:2017-08-29T00:00:00
db:VULMONid:CVE-2014-1673date:2017-08-29T00:00:00
db:BIDid:65154date:2014-01-22T00:00:00
db:JVNDBid:JVNDB-2014-001263date:2014-01-28T00:00:00
db:CNNVDid:CNNVD-201401-542date:2014-01-28T00:00:00
db:NVDid:CVE-2014-1673date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-00888date:2014-02-14T00:00:00
db:VULHUBid:VHN-69612date:2014-01-26T00:00:00
db:VULMONid:CVE-2014-1673date:2014-01-26T00:00:00
db:BIDid:65154date:2014-01-22T00:00:00
db:JVNDBid:JVNDB-2014-001263date:2014-01-28T00:00:00
db:PACKETSTORMid:124967date:2014-01-28T02:26:37
db:CNNVDid:CNNVD-201401-542date:2014-01-28T00:00:00
db:NVDid:CVE-2014-1673date:2014-01-26T01:55:26.797