vulnerability

Check Point: Quantum Gateway Information Disclosure: CVE-2024-24919

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:C/I:N/A:N)	May 28, 2024	May 29, 2024	Jun 3, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:N/A:N)

Published

May 28, 2024

Added

May 29, 2024

Modified

Jun 3, 2024

Description

A vulnerability in Check Point Security Gateways with IPSec VPN, Remote Access VPN and the Mobile Access software blade allows disclosure of information. The vendor advisory does not specify what information may be disclosed, but does recommend rotating passwords and certificates stored on the device. Check Point discovered this vulnerability while investigating attempts to gain unauthorized access to VPN products used by their customers.

Solution

checkpoint-cve-2024-24919

References

CVE-2024-24919
https://attackerkb.com/topics/CVE-2024-24919
URL-https://support.checkpoint.com/results/sk/sk182336
URL-https://www.rapid7.com/blog/post/2024/05/30/etr-cve-2024-24919-check-point-security-gateway-information-disclosure/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today