Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, does not require entry of the old password when changing the admin password, which might allow malicious users to gain privileges by conducting a CSRF attack, making a password change on an unattended workstation, or other vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sofaware safe at office 500 utm |