The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Checkpoint
  • Ssl Network Extender

Configuration 1 [-]

OR cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:-:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_10:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_103:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_117:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_118:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_127:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_134:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_135:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_138:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_141:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_149:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_155:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_156:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_160:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_161:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_17:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_173:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_183:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_187:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_188:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_190:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_202:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_203:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_205:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_208:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_210:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_211:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_220:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_33:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_42:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_47:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_73:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_74:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_80:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_87:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_91:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:-:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_105:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_121:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_163:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_178:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_191:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_210:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_240:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_258:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_266:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_273:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_279:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_283:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_295:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_302:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_304:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_305:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_306:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_309:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_310:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_313:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_314:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_315:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_317:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_326:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_327:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_331:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_332:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_334:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_335:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:-:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_107:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_111:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_135:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_136:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_140:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_155:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_163:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_166:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_168:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_180:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_19:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_191:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_195:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_196:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_210:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_213:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_214:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_215:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_217:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_219:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_221:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_226:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_227:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_228:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_232:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_235:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_236:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_237:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_241:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_242:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_245:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_246:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_251:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_254:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_50:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_76:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:-:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_101:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_31:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_32:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_45:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_49:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_56:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_73:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_75:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_82:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_97:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:-:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_100:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_102:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_114:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_118:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_119:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_120:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_121:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_125:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_126:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_131:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_138:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_139:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_150:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_153:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_154:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_156:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_158:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_161:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_172:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_173:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_25:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_38:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_45:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_48:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_53:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_54:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_55:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_65:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_67:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_69:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_74:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_77:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_78:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_83:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_87:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_89:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_91:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_92:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_93:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_94:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:-:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_10:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_11:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_13:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_17:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_23:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_25:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_27:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_29:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_34:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_36:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_42:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_44:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_51:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_56:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_58:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_60:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_65:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_68:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_69:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_72:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_74:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:-:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_14:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_22:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_30:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_38:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_44:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_45:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_55:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_61:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_66:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_75:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_78:*:*:*:-:*:*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_9:*:*:*:-:*:*
References
Link Resource
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk180271 Mitigation Patch Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: checkpoint

Published: 2022-11-30T00:00:00

Updated: 2022-12-01T00:00:00

Reserved: 2022-01-19T00:00:00

Link: CVE-2022-23746

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-11-30T19:15:10.310

Modified: 2022-12-06T15:49:50.240

Link: CVE-2022-23746

JSON object: View

cve-icon Redhat Information

No data.

CWE