Support Center > Search Results > SecureKnowledge Details
Check Point Response to Spring Vulnerabilities CVE-2022-22963, CVE-2022-22946, CVE-2022-22947, CVE-2022-22965 (Spring4Shell) and CVE-2022-22950 Technical Level
Solution

On March 29, 2022, new CVEs were published on Spring Cloud: CVE-2022-22963, CVE-2022-22946, CVE-2022-22947, and CVE-2022-22950.

On March 31, 2022, a bypass to the fix for CVE-2010-1622 was published by Praetorian, and received the nickname "Spring4Shell" (see Spring Core on JDK9+ is vulnerable to remote code execution). Later, it was assigned to CVE-2022-22965.

The Check Point Infinity architecture is protected against this threat. We verified that this vulnerability does not affect our Infinity portfolio (including Quantum Security Gateways, Smart Management, Quantum Spark appliances with Gaia Embedded OS, Harmony Endpoint, Harmony Mobile, ThreatCloud, and CloudGuard).
We will continue to update you on any new development of this security event.


Check Point Products Status

Product Status
Quantum Security Gateway Not vulnerable
Quantum Spark appliances with Gaia Embedded OS Not vulnerable
Quantum Security Management Not vulnerable
CloudGuard Not vulnerable
Infinity Portal Not vulnerable
Harmony Endpoint & Harmony Mobile Not vulnerable
Harmony Connect Not vulnerable
ThreatCloud Not vulnerable

Notes:

  • All Check Point software versions, including out of support versions, are not vulnerable.
  • All Check Point appliances are not vulnerable.


IPS protections

Check Point released these IPS protections:

To see these IPS protections in SmartConsole:

  1. From the left navigation panel, click Security Policies.
  2. In the upper pane, click Threat Prevention > Custom Policy.
  3. In the lower pane, click IPS Protections.
  4. In the top search field, enter the name of the CVE number.

Best Practice - Check Point recommends activating HTTPS Inspection (in the Security Gateway / Cluster object properties > HTTPS Inspection view), as the attack payload may appear in encrypted or decrypted traffic.


Harmony Endpoint for Linux Protection

  • Exploit_Linux_Spring4Shell_B


CloudGuard Containers Security Protection

  • Exploit_Linux_Spring4Shell_A

Related Articles:

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment