CVE-2001-1499

medium

Check Point

CVSS v3 Base Score

5.0

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Score

0.7%

Exploitation probability in 30 days

Top 28% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

None

Availability

None

Published: December 31, 2001 (8900 days ago)

Last Modified: April 16, 2026

Vendor: Check Point

Source: NVD

Description

Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks.

CWE

NVD-CWE-Other

Affected Products

checkpoint vpn-1

References

🔗 www.osvdb.org 🔗 www.securityfocus.com 🔗 www.securityfocus.com 🔗 www.securityfocus.com 🔗 exchange.xforce.ibmcloud.com

CVE-2001-1499

Vulnerability Report

Description

CWE

Affected Products

References