Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, does not require entry of the old password when changing the admin password, which might allow attackers to gain privileges by conducting a CSRF attack, making a password change on an unattended workstation, or other vectors.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-06-27T18:00:00

Updated: 2024-08-07T14:21:34.898Z

Reserved: 2007-06-27T00:00:00

Link: CVE-2007-3464

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-06-27T18:30:00.000

Modified: 2024-11-21T00:33:18.460

Link: CVE-2007-3464

cve-icon Redhat

No data.