Filtered by vendor Checkpoint Subscriptions
Filtered by product Multi-domain Management Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-24911 1 Checkpoint 4 Gaia Os, Management Server, Multi-domain Management and 1 more 2025-10-15 5.3 Medium
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache.
CVE-2024-24914 1 Checkpoint 10 Clusterxl, Gaia Os, Multi-domain Management and 7 more 2025-08-26 8 High
Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.
CVE-2021-3449 13 Checkpoint, Debian, Fedoraproject and 10 more 172 Multi-domain Management, Multi-domain Management Firmware, Quantum Security Gateway and 169 more 2024-11-21 5.9 Medium
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).