Support Center > Search Results > SecureKnowledge Details
Partial information disclosure in SNX client for Linux before build 800008302 (CVE-2021-30357) Technical Level
Symptoms
  • SSL Network Extender client for Linux before build 800008302 reveals part of the contents of the configuration file supplied, which allows partially disclosing files to which the user did not have access.
Cause

SNX can accept files with connection commands. If such a file contains wrong commands, SNX prints the line with unrecognized command. Since SNX runs as ROOT, an attacker can supply any file on the system and get one line of its content. If the file contains sensitive information, the attacker can get part of it.


Solution

Users should install a hotfix to upgrade SNX to a non-vulnerable version:

Gateway Hotfix name Hotfix (Gaia)
R80.10 R80_10_SNX_update_750 TGZ
R80.20 R80_20_SNX_update_584_main TGZ
R80.30 R80_30_SNX_update_382_main TGZ
R80.40 R80_40_SNX_update_568_main TGZ
R81 R81_SNX_update_111_main TGZ

Hotfix Installation CPUSE Identifier

To install the hotfix via CPUSE in Gaia portal or CPUSE CLI use identifiers listed in the table below:

Gateway CPUSE Identifier
R80.10 Check_Point_R80_10_SNX_UPDATE_750_Bundle_T3_FULL.tgz
R80.20 Check_Point_R80_20_SNX_UPDATE_584_MAIN_Bundle_T4_FULL.tgz
R80.30 Check_Point_R80_30_SNX_UPDATE_382_MAIN_Bundle_T6_FULL.tgz
R80.40 Check_Point_R80_40_SNX_UPDATE_568_MAIN_Bundle_T3_FULL.tgz
R81 Check_Point_R81_SNX_UPDATE_111_MAIN_Bundle_T1_FULL.tgz

Information for SMB users

The fix is available for SMB customers of 15xx series. On SMB, to upgrade the SNX Client, the customer should run the CLI command:

delete ssl-network-extender

OR upgrade the gateway firmware.

The fix for previous series (1100/1200R/700/1400) will be available later.

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
Applies To:

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment