The "Security Management GUI Clients" feature in Check Point Gaia Portal allows authenticated administrators with permission for the GUI Clients settings to inject a CLI command that can run on the Gaia OS.
This issue was discovered and responsibly disclosed by Christophe Schleypen of NATO Cyber Security Centre Pentesting and received ID CVE-2021-30361.
Solution
This problem was fixed. The fix is included starting from:
