Sign-up

ID

VAR-202104-1221


CVE

CVE-2021-30356


TITLE

Check Point Identity Agent Post link vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-1665

DESCRIPTION

A denial of service vulnerability was reported in Check Point Identity Agent before R81.018.0000, which could allow low privileged users to overwrite protected system files. Check Point Identity Agent is an application software of American Check Point Company. Used to capture and report identities to the Check Point Identity Aware Security Gateway

Trust: 1.08

sources: NVD: CVE-2021-30356 // VULHUB: VHN-390034 // VULMON: CVE-2021-30356

AFFECTED PRODUCTS

vendor:checkpointmodel:identity agentscope:ltversion:r81.018.0000

Trust: 1.0

sources: NVD: CVE-2021-30356

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-30356
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202104-1665
value: HIGH

Trust: 0.6

VULHUB: VHN-390034
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-30356
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-30356
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-390034
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-30356
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-390034 // VULMON: CVE-2021-30356 // CNNVD: CNNVD-202104-1665 // NVD: CVE-2021-30356

PROBLEMTYPE DATA

problemtype:CWE-59

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2021-30356

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202104-1665

TYPE

post link

Trust: 0.6

sources: CNNVD: CNNVD-202104-1665

PATCH

title:Check Point Identity Agent Post-link vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148737

Trust: 0.6

sources: CNNVD: CNNVD-202104-1665

EXTERNAL IDS

db:NVDid:CVE-2021-30356

Trust: 1.8

db:CNNVDid:CNNVD-202104-1665

Trust: 0.7

db:VULHUBid:VHN-390034

Trust: 0.1

db:VULMONid:CVE-2021-30356

Trust: 0.1

sources: VULHUB: VHN-390034 // VULMON: CVE-2021-30356 // CNNVD: CNNVD-202104-1665 // NVD: CVE-2021-30356

REFERENCES

url:https://supportcontent.checkpoint.com/solutions?id=sk134312

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-30356

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-390034 // VULMON: CVE-2021-30356 // CNNVD: CNNVD-202104-1665 // NVD: CVE-2021-30356

SOURCES

db:VULHUBid:VHN-390034
db:VULMONid:CVE-2021-30356
db:CNNVDid:CNNVD-202104-1665
db:NVDid:CVE-2021-30356

LAST UPDATE DATE

2024-11-23T23:11:05.850000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-390034date:2021-04-27T00:00:00
db:VULMONid:CVE-2021-30356date:2021-04-27T00:00:00
db:CNNVDid:CNNVD-202104-1665date:2021-04-28T00:00:00
db:NVDid:CVE-2021-30356date:2024-11-21T06:03:56.357

SOURCES RELEASE DATE

db:VULHUBid:VHN-390034date:2021-04-22T00:00:00
db:VULMONid:CVE-2021-30356date:2021-04-22T00:00:00
db:CNNVDid:CNNVD-202104-1665date:2021-04-22T00:00:00
db:NVDid:CVE-2021-30356date:2021-04-22T18:15:08.480