CVE-2026-48134

MEDIUM

SQL injection issue in UserCheck Portal when DLP Software Blade is active

Title source: cna

Description

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to disruptions such as loss of stored incident entries, incorrect handling of pending approvals, or resource impact if the issue is abused repeatedly. Exposure is reduced if the UserCheck Portal is not accessible from untrusted networks.

References (1)

Core 1

Core References

https://support.checkpoint.com/results/sk/sk184983

Scores

CVSS v3 5.6

EPSS 0.0403

EPSS Percentile 89.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-89

Status published

Products (4)

checkpoint/Quantum Security Gateway All releases from R81.10 and below

checkpoint/Quantum Security Gateway R81.20 with Jumbo Hotfix Take 127 or below

checkpoint/Quantum Security Gateway R82 with Jumbo Hotfix Take 91 or below

checkpoint/Quantum Security Gateway R82.10 with Jumbo Hotfix Take 6 or below

Published May 26, 2026

Tracked Since May 26, 2026