CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
42.6%
Local user may lead to privilege escalation using Gaia Portal hostnames page.
Vendor | Product | Version | CPE |
---|---|---|---|
checkpoint | gaia_portal | r80.40 | cpe:2.3:a:checkpoint:gaia_portal:r80.40:-:*:*:*:*:*:* |
checkpoint | gaia_portal | r81 | cpe:2.3:a:checkpoint:gaia_portal:r81:-:*:*:*:*:*:* |
checkpoint | gaia_portal | r81.10 | cpe:2.3:a:checkpoint:gaia_portal:r81.10:-:*:*:*:*:*:* |
checkpoint | gaia_portal | r81.20 | cpe:2.3:a:checkpoint:gaia_portal:r81.20:-:*:*:*:*:*:* |
packetstormsecurity.com/files/173918/Checkpoint-Gaia-Portal-R81.10-Remote-Command-Execution.html
seclists.org/fulldisclosure/2023/Aug/4
seclists.org/fulldisclosure/2023/Jul/43
pentests.nl/pentest-blog/cve-2023-28130-command-injection-in-check-point-gaia-portal/
support.checkpoint.com/results/sk/sk181311