Sign-up

ID

VAR-201904-0204


CVE

CVE-2019-8456


TITLE

Check Point IKEv2 IPsec VPN Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2019-003370

DESCRIPTION

Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server. Check Point IKEv2 IPsec VPN Contains vulnerabilities related to authorization, permissions, and access control.Information may be tampered with

Trust: 1.71

sources: NVD: CVE-2019-8456 // JVNDB: JVNDB-2019-003370 // VULHUB: VHN-159891

AFFECTED PRODUCTS

vendor:checkpointmodel:ipsec vpnscope:eqversion:r80.20

Trust: 1.0

vendor:checkpointmodel:ipsec vpnscope:eqversion:r80.10

Trust: 1.0

vendor:check pointmodel:ipsec vpnscope:lteversion:r80.30

Trust: 0.8

sources: JVNDB: JVNDB-2019-003370 // NVD: CVE-2019-8456

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-8456
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-8456
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201904-312
value: MEDIUM

Trust: 0.6

VULHUB: VHN-159891
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-8456
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-159891
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-8456
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-8456
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-159891 // JVNDB: JVNDB-2019-003370 // CNNVD: CNNVD-201904-312 // NVD: CVE-2019-8456

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-264

Trust: 0.9

sources: VULHUB: VHN-159891 // JVNDB: JVNDB-2019-003370 // NVD: CVE-2019-8456

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201904-312

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201904-312

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-003370

PATCH
title:sk149892url:https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk149892
Trust: 0.8
title:Check Point Software Technologies IPSec VPN Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91150
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-003370 // 
            
            
            
            CNNVD: CNNVD-201904-312

EXTERNAL IDS
db:NVDid:CVE-2019-8456
Trust: 2.5
db:JVNDBid:JVNDB-2019-003370
Trust: 0.8
db:CNNVDid:CNNVD-201904-312
Trust: 0.6
db:VULHUBid:VHN-159891
Trust: 0.1
sources:
            
            
            VULHUB: VHN-159891 // 
            
            
            
            JVNDB: JVNDB-2019-003370 // 
            
            
            
            CNNVD: CNNVD-201904-312 // 
            
            
            
            NVD: CVE-2019-8456

REFERENCES
url:https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk149892
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2019-8456
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8456
Trust: 0.8
url:https://vigilance.fr/vulnerability/check-point-ipsec-vpn-privilege-escalation-via-ikev2-tunnel-28964
Trust: 0.6
url:https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk149892
Trust: 0.1
sources:
            
            
            VULHUB: VHN-159891 // 
            
            
            
            JVNDB: JVNDB-2019-003370 // 
            
            
            
            CNNVD: CNNVD-201904-312 // 
            
            
            
            NVD: CVE-2019-8456

SOURCES
db:VULHUBid:VHN-159891
db:JVNDBid:JVNDB-2019-003370
db:CNNVDid:CNNVD-201904-312
db:NVDid:CVE-2019-8456

LAST UPDATE DATE
2024-11-23T21:37:33.216000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-159891date:2020-10-22T00:00:00
db:JVNDBid:JVNDB-2019-003370date:2019-05-15T00:00:00
db:CNNVDid:CNNVD-201904-312date:2020-10-23T00:00:00
db:NVDid:CVE-2019-8456date:2024-11-21T04:49:56.320

SOURCES RELEASE DATE
db:VULHUBid:VHN-159891date:2019-04-09T00:00:00
db:JVNDBid:JVNDB-2019-003370date:2019-05-15T00:00:00
db:CNNVDid:CNNVD-201904-312date:2019-04-08T00:00:00
db:NVDid:CVE-2019-8456date:2019-04-09T21:29:03.803