CVE-2026-48136
MEDIUM
Authenticated Administrator Role-Based Access Control Bypass in Compliance
Title source: cna
Description
When Compliance is enabled on Check Point Multi-Domain Management, an authenticated administrator with read-write access to one Management Domain (CMA) can modify stored metadata associated with Compliance Best Practices in another Management Domain, where the administrator has no access permissions, bypassing Role-Based Access Control (RBAC).
Scores
CVSS v3: 4.1
EPSS: 0.0380
EPSS Percentile: 88.6%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-89
Status: published
Products (4)
checkpoint/Quantum Security Management: All releases from R81.10 and below
checkpoint/Quantum Security Management: R81.20 with Jumbo Hotfix Take 127 or below
checkpoint/Quantum Security Management: R82 with Jumbo Hotfix Take 91 or below
checkpoint/Quantum Security Management: R82.10 with Jumbo Hotfix Take 6 or below
Published: May 26, 2026
Tracked Since: May 26, 2026