CVE-2007-0471

high Check Point
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
5.6%
Exploitation probability in 30 days
Top 10% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: January 24, 2007 (7050 days ago)
Last Modified: April 23, 2026
Vendor: Check Point
Source: NVD

Description

sre/params.php in the Integrity Clientless Security (ICS) component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie authentication token.

CWE

CWE-264

Affected Products

checkpoint connectra ngx

References

🔗 lists.grok.org.uk 🔗 osvdb.org 🔗 secunia.com 🔗 secureknowledge.checkpoint.com 🔗 securityreason.com