QwikSec

Security Database

CVE

CWE

Training

CVE-2013-7304

Published: Jan 22, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle attackers to spoof SSL servers by presenting an arbitrary certificate during a session established by a client.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk97784

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

checkpoint-cve20137304-spoofing(90674)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.