Vulnerability Details : CVE-2011-1827
Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet.
Vulnerability category: Execute code
Products affected by CVE-2011-1827
- cpe:2.3:a:checkpoint:vpn-1:r65.70:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:vpn-1:r70.40:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:vpn-1:r71.30:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:vpn-1:r75:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:connectra_ngx:r66.1:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:connectra_ngx:r66.1n:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:vpn-1_firewall-1_vsx:r65.20:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:vpn-1_firewall-1_vsx:r67:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1827
4.74%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1827
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2011-1827
-
https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk62410
Support, Support Requests, Training, Documentation, and Knowledge base for Check Point products and services
-
https://www.sec-consult.com/en/advisories.html#a68
Page not found | SEC Consult
-
http://www.vupen.com/english/advisories/2011/1162
Webmail | OVH- OVHVendor Advisory
-
http://www.securityfocus.com/bid/47695
Multiple Check Point SSL VPN On-Demand Applications Remote Code Execution Vulnerability
Jump to