Vulnerability Details : CVE-2014-8952
Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10, when the (1) IPS blade, (2) IPsec Remote Access, (3) Mobile Access / SSL VPN blade, (4) SSL Network Extender, (5) Identify Awareness blade, (6) HTTPS Inspection, (7) UserCheck, or (8) Data Leak Prevention blade module is enabled, allow remote attackers to cause a denial of service ("stability issue") via an unspecified "traffic condition."
Vulnerability category: Denial of service
Products affected by CVE-2014-8952
- cpe:2.3:a:checkpoint:security_gateway:r75.47:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:security_gateway:r77:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:security_gateway:r77.10:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:security_gateway:r76:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:security_gateway:r75.40:vs:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:security_gateway:r75.45:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:security_gateway:r75.46:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-8952
0.69%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 80 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-8952
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.1
|
HIGH | AV:N/AC:M/Au:N/C:N/I:N/A:C |
8.6
|
6.9
|
NIST |
References for CVE-2014-8952
-
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100431
Important security and stability enhancements for Security GatewayVendor Advisory
-
http://www.securityfocus.com/bid/67993
Check Point Security Gateway Multiple Denial of Service Vulnerabilities
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/98762
Check Point Security Gateway denial of service CVE-2014-8952 Vulnerability Report
Jump to