Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle attackers to spoof SSL servers by presenting an arbitrary certificate during a session established by a client.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Check Point Endpoint Security 加密问题漏洞
Vulnerability Description
Check Point Endpoint Security是美国Check Point公司的一套端点安全解决方案。该方案结合了防火墙、网络访问控制、防病毒、反间谍软件、数据安全等功能,保证终端PC机免受基于Web的威胁。 Check Point Endpoint Security MI Server R73 3.0.0 HFA2.5及之前的版本中存在加密问题漏洞,该漏洞源于程序没有验证客户端设备配置的X.509证书。中间人攻击者可通过在客户端建立会话期间提供任意证书利用该漏洞欺骗SSL服务器。
CVSS Information
N/A
Vulnerability Type
N/A