CVE-2020-6024 - OpenCVE

Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Checkpoint	Smartconsole

Configuration 1 [-]

OR	cpe:2.3:a:checkpoint:smartconsole::::::::
	cpe:2.3:a:checkpoint:smartconsole:r80.20:::::::*
	cpe:2.3:a:checkpoint:smartconsole:r80.30:::::::*
	cpe:2.3:a:checkpoint:smartconsole:r80.40:::::::*
	cpe:2.3:a:checkpoint:smartconsole:r81:::::::*

References

Link	Resource
https://supportcontent.checkpoint.com/solutions?id=sk142952	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: checkpoint

Published: 2021-01-20T18:17:53

Updated: 2021-01-26T16:19:49

Reserved: 2020-01-07T00:00:00

Link: CVE-2020-6024

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-01-20T19:15:12.947

Modified: 2021-02-02T19:04:46.307

Link: CVE-2020-6024

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Check Point SmartConsole", "vendor": "n/a", "versions": [{"status": "affected", "version": "R80.20, R80.30, R80.40, R81"}]}], "descriptions": [{"lang": "en", "value": "Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-114", "description": "CWE-114: Process Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-01-26T16:19:49", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@checkpoint.com", "ID": "CVE-2020-6024", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Check Point SmartConsole", "version": {"version_data": [{"version_value": "R80.20, R80.30, R80.40, R81"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-114: Process Control"}]}]}, "references": {"reference_data": [{"name": "https://supportcontent.checkpoint.com/solutions?id=sk142952", "refsource": "MISC", "url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"}]}}}}, "cveMetadata": {"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2020-6024", "datePublished": "2021-01-20T18:17:53", "dateReserved": "2020-01-07T00:00:00", "dateUpdated": "2021-01-26T16:19:49", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:smartconsole:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1DD7269-40DD-4A4B-BF0B-E928201BA31D", "versionEndIncluding": "r80.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:checkpoint:smartconsole:r80.20:*:*:*:*:*:*:*", "matchCriteriaId": "5DDE7A64-BC36-4C95-BBE4-9BF146AC66DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:checkpoint:smartconsole:r80.30:*:*:*:*:*:*:*", "matchCriteriaId": "476C415F-F9E3-4A92-9CCF-13FDA0FA99CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:checkpoint:smartconsole:r80.40:*:*:*:*:*:*:*", "matchCriteriaId": "0AD4456C-5CD1-4615-9658-95CD94B7B603", "vulnerable": true}, {"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81:*:*:*:*:*:*:*", "matchCriteriaId": "613920F7-2800-4B77-8A54-6C6BC6E0D233", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users."}, {"lang": "es", "value": "Check Point SmartConsole versi\u00f3n anterior a R80.10 Build 185, versi\u00f3n R80.20 Build 119, versi\u00f3n R80.30 anterior a Build 94, versi\u00f3n R80.40 anterior a Build 415 y la versi\u00f3n R81 anterior a Build 548 eran vulnerables a una posible escalada de privilegios local debido a la ejecuci\u00f3n de ejecutables desde un directorio con acceso de escritura para todos los usuarios autenticados"}], "id": "CVE-2020-6024", "lastModified": "2021-02-02T19:04:46.307", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-01-20T19:15:12.947", "references": [{"source": "cve@checkpoint.com", "tags": ["Vendor Advisory"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-114"}], "source": "cve@checkpoint.com", "type": "Secondary"}]}