Sign-up

ID

VAR-201411-0130


CVE

CVE-2014-8951


TITLE

Check Point Security Gateway Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-005485

DESCRIPTION

Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck is enabled and the (1) Application Control, (2) URL Filtering, (3) DLP, (4) Threat Emulation, (5) Anti-Bot, or (6) Anti-Virus blade is used, allows remote attackers to cause a denial of service (fwk0 process crash, core dump, and restart) via a redirect to the UserCheck page. Check Point Security Gateways is a security gateway device from CheckPoint. There are multiple denial of service vulnerabilities in Check Point Security Gateways: 1. There are multiple related services, such as PS blade, IPsec Remote Access, Mobile Access / SSL VPN blade, SSL Network Extender, Identify Awareness blade, HTTPS Inspection, UserCheck, and Data. Errors can cause system instability. 2, the relevant URL Filtering blade and Application Control blade have errors, which can cause the system to hang. 3. There is an error in redirecting to the UserChec page, which can cause the system to crash. 4, related URL Filtering or Identity Awareness has a security vulnerability, an attacker can exploit the vulnerability to crash the system. It provides security functions such as unified security policies, URL filtering, and anti-virus. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions

Trust: 3.6

sources: NVD: CVE-2014-8951 // JVNDB: JVNDB-2014-005485 // CNVD: CNVD-2014-08327 // CNVD: CNVD-2014-03736 // CNNVD: CNNVD-201407-322 // BID: 67993 // VULHUB: VHN-76896

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 1.2

sources: CNVD: CNVD-2014-08327 // CNVD: CNVD-2014-03736

AFFECTED PRODUCTS

vendor:checkpointmodel:security gatewayscope:eqversion:r76

Trust: 1.6

vendor:checkpointmodel:security gatewayscope:eqversion:r75

Trust: 1.6

vendor:checkpointmodel:security gatewayscope:eqversion:r77

Trust: 1.6

vendor:checkpointmodel:security gatewayscope:eqversion:r77.10

Trust: 1.6

vendor:checkmodel:point security gateways r77scope: - version: -

Trust: 1.2

vendor:check pointmodel:security gatewayscope:eqversion:r75

Trust: 0.8

vendor:check pointmodel:security gatewayscope:eqversion:r76

Trust: 0.8

vendor:check pointmodel:security gatewayscope:eqversion:r77

Trust: 0.8

vendor:check pointmodel:security gatewayscope:eqversion:r77.10

Trust: 0.8

vendor:checkmodel:point security gateways r77.10scope: - version: -

Trust: 0.6

vendor:checkmodel:point security gateways r75scope: - version: -

Trust: 0.6

vendor:checkmodel:point security gateways r76scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2014-08327 // CNVD: CNVD-2014-03736 // JVNDB: JVNDB-2014-005485 // CNNVD: CNNVD-201411-269 // NVD: CVE-2014-8951

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-8951
value: HIGH

Trust: 1.0

NVD: CVE-2014-8951
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-08327
value: HIGH

Trust: 0.6

CNVD: CNVD-2014-03736
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201411-269
value: HIGH

Trust: 0.6

VULHUB: VHN-76896
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-8951
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-08327
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2014-03736
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-76896
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-08327 // CNVD: CNVD-2014-03736 // VULHUB: VHN-76896 // JVNDB: JVNDB-2014-005485 // CNNVD: CNNVD-201411-269 // NVD: CVE-2014-8951

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-8951

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201407-322 // CNNVD: CNNVD-201411-269

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 67993

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-005485

PATCH
title:Random traffic outages when UserCheck is enabled on Security Gatewayurl:https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100505
Trust: 0.8
title:Patch for Check Point Security Gateways Denial of Service Vulnerability (CNVD-2014-08327)url:https://www.cnvd.org.cn/patchInfo/show/51936
Trust: 0.6
title:Patches for Multiple Denial of Service Vulnerabilities in Check Point Security Gatewaysurl:https://www.cnvd.org.cn/patchInfo/show/46508
Trust: 0.6
title:CapsuleDocsProxyR77_20url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54628
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-08327 // 
            
            
            
            CNVD: CNVD-2014-03736 // 
            
            
            
            JVNDB: JVNDB-2014-005485 // 
            
            
            
            CNNVD: CNNVD-201411-269

EXTERNAL IDS
db:NVDid:CVE-2014-8951
Trust: 3.4
db:SECUNIAid:58487
Trust: 2.9
db:BIDid:67993
Trust: 2.6
db:JVNDBid:JVNDB-2014-005485
Trust: 0.8
db:CNNVDid:CNNVD-201411-269
Trust: 0.7
db:CNVDid:CNVD-2014-08327
Trust: 0.6
db:CNVDid:CNVD-2014-03736
Trust: 0.6
db:CNNVDid:CNNVD-201407-322
Trust: 0.6
db:VULHUBid:VHN-76896
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-08327 // 
            
            
            
            CNVD: CNVD-2014-03736 // 
            
            
            
            VULHUB: VHN-76896 // 
            
            
            
            BID: 67993 // 
            
            
            
            JVNDB: JVNDB-2014-005485 // 
            
            
            
            CNNVD: CNNVD-201407-322 // 
            
            
            
            CNNVD: CNNVD-201411-269 // 
            
            
            
            NVD: CVE-2014-8951

REFERENCES
url:http://secunia.com/advisories/58487
Trust: 2.3
url:http://www.securityfocus.com/bid/67993
Trust: 1.7
url:https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk100505
Trust: 1.6
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8951
Trust: 1.4
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/98761
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8951
Trust: 0.8
url:http://secunia.com/advisories/58487/
Trust: 0.6
url:https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk100505
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-08327 // 
            
            
            
            CNVD: CNVD-2014-03736 // 
            
            
            
            VULHUB: VHN-76896 // 
            
            
            
            JVNDB: JVNDB-2014-005485 // 
            
            
            
            CNNVD: CNNVD-201407-322 // 
            
            
            
            CNNVD: CNNVD-201411-269 // 
            
            
            
            NVD: CVE-2014-8951

CREDITS
The vendor reported these issues.
Trust: 0.3
sources:
            
            
            BID: 67993

SOURCES
db:CNVDid:CNVD-2014-08327
db:CNVDid:CNVD-2014-03736
db:VULHUBid:VHN-76896
db:BIDid:67993
db:JVNDBid:JVNDB-2014-005485
db:CNNVDid:CNNVD-201407-322
db:CNNVDid:CNNVD-201411-269
db:NVDid:CVE-2014-8951

LAST UPDATE DATE
2025-04-13T23:18:14.870000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-08327date:2014-11-18T00:00:00
db:CNVDid:CNVD-2014-03736date:2014-06-19T00:00:00
db:VULHUBid:VHN-76896date:2017-09-08T00:00:00
db:BIDid:67993date:2014-11-19T00:57:00
db:JVNDBid:JVNDB-2014-005485date:2014-11-18T00:00:00
db:CNNVDid:CNNVD-201407-322date:2014-07-15T00:00:00
db:CNNVDid:CNNVD-201411-269date:2014-11-17T00:00:00
db:NVDid:CVE-2014-8951date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-08327date:2014-11-18T00:00:00
db:CNVDid:CNVD-2014-03736date:2014-06-19T00:00:00
db:VULHUBid:VHN-76896date:2014-11-16T00:00:00
db:BIDid:67993date:2014-06-05T00:00:00
db:JVNDBid:JVNDB-2014-005485date:2014-11-18T00:00:00
db:CNNVDid:CNNVD-201407-322date:2014-06-05T00:00:00
db:CNNVDid:CNNVD-201411-269date:2014-11-17T00:00:00
db:NVDid:CVE-2014-8951date:2014-11-16T17:59:07.020