Support Center > Search Results > SecureKnowledge Details
Check Point Response to OpenSSL CVE-2021-3449 Technical Level
Symptoms
  • OpenSSL published CVE-2021-3449 on versions 1.1.1.
  • The CVE can cause a process to stop working.
Solution
Check Point versions lower than R80.40 are not vulnerable!

Check Point is vulnerable to OpenSSL CVE-2021-3449 in the following cases only:
  • Quantum Security Gateway R80.40 or R81, on the Gaia UI and only when there are no other portals enabled (such as VPN Remote Access clients, UserCheck, etc.).
  • Quantum Security Management or Endpoint Management R80.40 or R81 (that should be accessible internally).
  • HTTPS Inspection on R81 after enabling TLS 1.3.
This problem was fixed. The fix is included in:

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment