CVE-2019-8456

MEDIUM

Check Point IKEv2 IPsec VPN - Improper Access Control

Title source: llm
STIX 2.1

Description

Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server.

Scores

CVSS v3 5.9
EPSS 0.2039
EPSS Percentile 97.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-284
Status published
Products (2)
checkpoint/ipsec_vpn r80.10
checkpoint/ipsec_vpn r80.20
Published Apr 09, 2019
Tracked Since Feb 18, 2026