Support Center > Search Results > SecureKnowledge Details
Multiple vulnerabilities in Web GUI of UTM-1 Edge, Safe@Office and ZoneAlarm appliances
Symptoms
  • Multiple vulnerabilities were detected in Web GUI on UTM-1 Edge, Safe@Office and ZoneAlarm appliances.

  • Vulnerabilities are of the following nature: XSS, CSRF, information disclosure and offsite redirection.

  • Vulnerable firmware versions are 6.x. 7.x, 8.x.
Solution

This problem was fixed. The fix is included in:

  • Firmware 8.2.44 (and above)
Check Point recommends to always upgrade to the most recent version.


Credit

Check Point thanks Richard Brain of ProCheckUp for responsible disclosure of this issue.

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment