Vulnerability Details CVE-2022-23746
The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.5%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-23746
-
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20
-
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp
-
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30
-
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp
-
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40
-
cpe:2.3:a:checkpoint:ssl_network_extender:r81
-
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10