sre/params.php in the Integrity Clientless Security (ICS) component in Check Point Connectra NGX R62 3.x and previous versions before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote malicious users to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie authentication token.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
checkpoint connectra ngx |