Details of VAR-201411-0111

ID

VAR-201411-0111

CVE

CVE-2014-8950

TITLE

Check Point Security Gateway Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-005484

DESCRIPTION

Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the (1) URL Filtering or (2) Identity Awareness blade is used, allows remote attackers to cause a denial of service (crash) via vectors involving an HTTPS request. Check Point Security Gateways is a security gateway device from CheckPoint. There are multiple denial of service vulnerabilities in Check Point Security Gateways: 1. There are multiple related services, such as PS blade, IPsec Remote Access, Mobile Access / SSL VPN blade, SSL Network Extender, Identify Awareness blade, HTTPS Inspection, UserCheck, and Data. Errors can cause system instability. 2, the relevant URL Filtering blade and Application Control blade have errors, which can cause the system to hang. 3. There is an error in redirecting to the UserChec page, which can cause the system to crash. It provides security functions such as unified security policies, URL filtering, and anti-virus. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions

Trust: 3.6

sources: NVD: CVE-2014-8950 // JVNDB: JVNDB-2014-005484 // CNVD: CNVD-2014-03736 // CNVD: CNVD-2014-08328 // CNNVD: CNNVD-201407-322 // BID: 67993 // VULHUB: VHN-76895

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 1.2

sources: CNVD: CNVD-2014-03736 // CNVD: CNVD-2014-08328

AFFECTED PRODUCTS

vendor:	checkpoint	model:	security gateway	scope:	eq	version:	r77	Trust: 1.6
vendor:	checkpoint	model:	security gateway	scope:	eq	version:	r77.10	Trust: 1.6
vendor:	check	model:	point security gateways r77	scope:	-	version:	-	Trust: 1.2
vendor:	check point	model:	security gateway	scope:	eq	version:	r77	Trust: 0.8
vendor:	check point	model:	security gateway	scope:	eq	version:	r77.10	Trust: 0.8
vendor:	check	model:	point security gateways r77.10	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2014-03736 // CNVD: CNVD-2014-08328 // JVNDB: JVNDB-2014-005484 // CNNVD: CNNVD-201411-268 // NVD: CVE-2014-8950

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-8950
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-8950
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2014-03736
value:	HIGH
Trust: 0.6
CNVD:	CNVD-2014-08328
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201411-268
value:	HIGH
Trust: 0.6
VULHUB:	VHN-76895
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-8950
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2014-03736
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
CNVD:	CNVD-2014-08328
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-76895
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-03736 // CNVD: CNVD-2014-08328 // VULHUB: VHN-76895 // JVNDB: JVNDB-2014-005484 // CNNVD: CNNVD-201411-268 // NVD: CVE-2014-8950

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-8950

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201407-322 // CNNVD: CNNVD-201411-268

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 67993

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-005484

PATCH

title:	When URL Filtering or Identity Awareness is enabled, trying to reach HTTPS sites can cause the Gateway to crash	url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk98935	Trust: 0.8
title:	Patches for Multiple Denial of Service Vulnerabilities in Check Point Security Gateways	url:	https://www.cnvd.org.cn/patchInfo/show/46508	Trust: 0.6
title:	Patch for Check Point Security Gateways Denial of Service Vulnerability (CNVD-2014-08328)	url:	https://www.cnvd.org.cn/patchInfo/show/51935	Trust: 0.6
title:	CapsuleDocsProxyR77_20	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54628	Trust: 0.6

sources: CNVD: CNVD-2014-03736 // CNVD: CNVD-2014-08328 // JVNDB: JVNDB-2014-005484 // CNNVD: CNNVD-201411-268

EXTERNAL IDS

db:	NVD	id:	CVE-2014-8950	Trust: 3.4
db:	SECUNIA	id:	58487	Trust: 2.9
db:	BID	id:	67993	Trust: 2.6
db:	JVNDB	id:	JVNDB-2014-005484	Trust: 0.8
db:	CNNVD	id:	CNNVD-201411-268	Trust: 0.7
db:	CNVD	id:	CNVD-2014-03736	Trust: 0.6
db:	CNVD	id:	CNVD-2014-08328	Trust: 0.6
db:	CNNVD	id:	CNNVD-201407-322	Trust: 0.6
db:	VULHUB	id:	VHN-76895	Trust: 0.1

sources: CNVD: CNVD-2014-03736 // CNVD: CNVD-2014-08328 // VULHUB: VHN-76895 // BID: 67993 // JVNDB: JVNDB-2014-005484 // CNNVD: CNNVD-201407-322 // CNNVD: CNNVD-201411-268 // NVD: CVE-2014-8950

REFERENCES

url:	http://secunia.com/advisories/58487	Trust: 2.3
url:	http://www.securityfocus.com/bid/67993	Trust: 1.7
url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk98935	Trust: 1.6
url:	https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8950	Trust: 1.4
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/98763	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8950	Trust: 0.8
url:	http://secunia.com/advisories/58487/	Trust: 0.6
url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk98935	Trust: 0.1

sources: CNVD: CNVD-2014-03736 // CNVD: CNVD-2014-08328 // VULHUB: VHN-76895 // JVNDB: JVNDB-2014-005484 // CNNVD: CNNVD-201407-322 // CNNVD: CNNVD-201411-268 // NVD: CVE-2014-8950

CREDITS

The vendor reported these issues.

Trust: 0.3

sources: BID: 67993

SOURCES

db:	CNVD	id:	CNVD-2014-03736
db:	CNVD	id:	CNVD-2014-08328
db:	VULHUB	id:	VHN-76895
db:	BID	id:	67993
db:	JVNDB	id:	JVNDB-2014-005484
db:	CNNVD	id:	CNNVD-201407-322
db:	CNNVD	id:	CNNVD-201411-268
db:	NVD	id:	CVE-2014-8950

LAST UPDATE DATE

2025-04-13T23:18:14.828000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-03736	date:	2014-06-19T00:00:00
db:	CNVD	id:	CNVD-2014-08328	date:	2014-11-18T00:00:00
db:	VULHUB	id:	VHN-76895	date:	2017-09-08T00:00:00
db:	BID	id:	67993	date:	2014-11-19T00:57:00
db:	JVNDB	id:	JVNDB-2014-005484	date:	2014-11-18T00:00:00
db:	CNNVD	id:	CNNVD-201407-322	date:	2014-07-15T00:00:00
db:	CNNVD	id:	CNNVD-201411-268	date:	2014-11-17T00:00:00
db:	NVD	id:	CVE-2014-8950	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-03736	date:	2014-06-19T00:00:00
db:	CNVD	id:	CNVD-2014-08328	date:	2014-11-18T00:00:00
db:	VULHUB	id:	VHN-76895	date:	2014-11-16T00:00:00
db:	BID	id:	67993	date:	2014-06-05T00:00:00
db:	JVNDB	id:	JVNDB-2014-005484	date:	2014-11-18T00:00:00
db:	CNNVD	id:	CNNVD-201407-322	date:	2014-06-05T00:00:00
db:	CNNVD	id:	CNNVD-201411-268	date:	2014-11-17T00:00:00
db:	NVD	id:	CVE-2014-8950	date:	2014-11-16T17:59:05.517