Details of VAR-201404-0291

ID

VAR-201404-0291

CVE

CVE-2013-7350

TITLE

Check Point Security Gateway Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2014-001865

DESCRIPTION

Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 (730159141) and R75.20.x before R75.20.4 and 600 and 1100 appliances R75.20.x before R75.20.42 have unknown impact and attack vectors related to "important security fixes.". Founded in 1993, Check Point Software Technologies is headquartered in Redwood City, Calif., and is the world's leading provider of Internet security solutions, leading the global enterprise firewall, personal firewall and virtual private network (VPN) markets. There are multiple vulnerabilities in Check Point's multiple products. There are currently no detailed vulnerability descriptions. The impact of these issues is currently unknown. We will update this BID as more information emerges. The following products are affected: Security Gateway 80 R71.x and R75.20.x 600 Appliance R75.20.x 1100 Appliance R75.20.x. Please keep an eye on the cnnvd website or manufacturer announcements

Trust: 2.52

sources: NVD: CVE-2013-7350 // JVNDB: JVNDB-2014-001865 // CNVD: CNVD-2014-01251 // BID: 66598 // VULHUB: VHN-67352

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-01251

AFFECTED PRODUCTS

vendor:	checkpoint	model:	security gateway	scope:	eq	version:	r75.20	Trust: 1.6
vendor:	checkpoint	model:	security gateway	scope:	eq	version:	r71.00	Trust: 1.6
vendor:	checkpoint	model:	security gateway	scope:	eq	version:	r71.45	Trust: 1.6
vendor:	check point	model:	security gateway	scope:	lt	version:	r71.x	Trust: 0.8
vendor:	check point	model:	security gateway	scope:	eq	version:	1100 the appliance r75.20.42	Trust: 0.8
vendor:	check point	model:	security gateway	scope:	lt	version:	r75.20.x	Trust: 0.8
vendor:	check point	model:	security gateway	scope:	eq	version:	80 r71.45 (730159141)	Trust: 0.8
vendor:	check point	model:	security gateway	scope:	eq	version:	600 the appliance r75.20.42	Trust: 0.8
vendor:	check	model:	point appliance r75.20 hfa	scope:	eq	version:	60042	Trust: 0.6
vendor:	check	model:	point appliance r75.20 hfa	scope:	eq	version:	100042	Trust: 0.6
vendor:	check	model:	point security gateway r71.45	scope:	eq	version:	80	Trust: 0.6
vendor:	check	model:	point software security gateway r75.20	scope:	eq	version:	80	Trust: 0.3
vendor:	check	model:	point software security gateway r71.45	scope:	eq	version:	80	Trust: 0.3
vendor:	check	model:	point software security gateway r71.00	scope:	eq	version:	80	Trust: 0.3
vendor:	check	model:	point software appliance r75.20	scope:	eq	version:	600	Trust: 0.3
vendor:	check	model:	point software appliance r75.20	scope:	eq	version:	1000	Trust: 0.3
vendor:	check	model:	point software security gateway r75.20.4	scope:	ne	version:	80	Trust: 0.3
vendor:	check	model:	point software security gateway r71.45	scope:	ne	version:	80(730159141)	Trust: 0.3
vendor:	check	model:	point software appliance r75.20.42	scope:	ne	version:	600	Trust: 0.3
vendor:	check	model:	point software appliance r75.20.42	scope:	ne	version:	1000	Trust: 0.3

sources: CNVD: CNVD-2014-01251 // BID: 66598 // JVNDB: JVNDB-2014-001865 // CNNVD: CNNVD-201404-015 // NVD: CVE-2013-7350

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-7350
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-7350
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2014-01251
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201404-015
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-67352
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-7350
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2014-01251
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-67352
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-01251 // VULHUB: VHN-67352 // JVNDB: JVNDB-2014-001865 // CNNVD: CNNVD-201404-015 // NVD: CVE-2013-7350

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-7350

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-015

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201404-015

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001865

PATCH

title:	Security enhancements for 600 / 1100 Appliance and Security Gateway 80	url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk98332&src=securityAlerts	Trust: 0.8
title:	Patch Point multiple patches for multiple vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/43858	Trust: 0.6

sources: CNVD: CNVD-2014-01251 // JVNDB: JVNDB-2014-001865

EXTERNAL IDS

db:	NVD	id:	CVE-2013-7350	Trust: 2.8
db:	OSVDB	id:	102745	Trust: 2.3
db:	JVNDB	id:	JVNDB-2014-001865	Trust: 0.8
db:	CNNVD	id:	CNNVD-201404-015	Trust: 0.7
db:	CNVD	id:	CNVD-2014-01251	Trust: 0.6
db:	BID	id:	66598	Trust: 0.4
db:	VULHUB	id:	VHN-67352	Trust: 0.1

sources: CNVD: CNVD-2014-01251 // VULHUB: VHN-67352 // BID: 66598 // JVNDB: JVNDB-2014-001865 // CNNVD: CNNVD-201404-015 // NVD: CVE-2013-7350

REFERENCES

url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk98332&src=securityalerts	Trust: 1.9
url:	http://osvdb.org/102745	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7350	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7350	Trust: 0.8
url:	http://osvdb.com/show/osvdb/102745	Trust: 0.6
url:	http://www.checkpoint.com	Trust: 0.3
url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk98332&src=securityalerts	Trust: 0.1

sources: CNVD: CNVD-2014-01251 // VULHUB: VHN-67352 // BID: 66598 // JVNDB: JVNDB-2014-001865 // CNNVD: CNNVD-201404-015 // NVD: CVE-2013-7350

CREDITS

Reported by the vendor.

Trust: 0.3

sources: BID: 66598

SOURCES

db:	CNVD	id:	CNVD-2014-01251
db:	VULHUB	id:	VHN-67352
db:	BID	id:	66598
db:	JVNDB	id:	JVNDB-2014-001865
db:	CNNVD	id:	CNNVD-201404-015
db:	NVD	id:	CVE-2013-7350

LAST UPDATE DATE

2025-04-13T23:10:17.111000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-01251	date:	2014-02-26T00:00:00
db:	VULHUB	id:	VHN-67352	date:	2014-04-01T00:00:00
db:	BID	id:	66598	date:	2014-04-01T00:00:00
db:	JVNDB	id:	JVNDB-2014-001865	date:	2014-04-02T00:00:00
db:	CNNVD	id:	CNNVD-201404-015	date:	2014-04-03T00:00:00
db:	NVD	id:	CVE-2013-7350	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-01251	date:	2014-02-26T00:00:00
db:	VULHUB	id:	VHN-67352	date:	2014-04-01T00:00:00
db:	BID	id:	66598	date:	2014-04-01T00:00:00
db:	JVNDB	id:	JVNDB-2014-001865	date:	2014-04-02T00:00:00
db:	CNNVD	id:	CNNVD-201404-015	date:	2014-04-03T00:00:00
db:	NVD	id:	CVE-2013-7350	date:	2014-04-01T06:35:53.387