CVE-2022-23746 - OpenCVE

The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Checkpoint	Ssl Network Extender

Configuration 1 [-]

OR	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:-::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_10::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_103::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_117::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_118::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_127::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_134::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_135::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_138::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_141::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_149::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_155::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_156::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_160::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_161::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_17::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_173::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_183::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_187::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_188::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_190::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_202::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_203::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_205::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_208::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_210::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_211::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_220::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_33::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_42::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_47::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_73::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_74::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_80::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_87::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20:take_91::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:-::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_105::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_121::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_163::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_178::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_191::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_210::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_240::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_258::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_266::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_273::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_279::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_283::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_295::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_302::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_304::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_305::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_306::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_309::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_310::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_313::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_314::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_315::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_317::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_326::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_327::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_331::::-::*
	cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_332::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_334::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.20sp:take_335::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:-::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_107::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_111::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_135::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_136::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_140::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_155::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_163::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_166::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_168::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_180::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_19::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_191::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_195::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_196::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_210::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_213::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_214::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_215::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_217::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_219::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_221::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_226::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_227::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_228::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_232::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_235::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_236::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_237::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_241::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_242::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_245::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_246::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_251::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_254::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_50::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30:take_76::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:-::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_101::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_31::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_32::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_45::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_49::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_56::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_73::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_75::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_82::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.30sp:take_97::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:-::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_100::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_102::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_114::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_118::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_119::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_120::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_121::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_125::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_126::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_131::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_138::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_139::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_150::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_153::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_154::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_156::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_158::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_161::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_172::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_173::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_25::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_38::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_45::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_48::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_53::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_54::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_55::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_65::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_67::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_69::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_74::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_77::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_78::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_83::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_87::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_89::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_91::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_92::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_93::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r80.40:take_94::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:-::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_10::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_11::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_13::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_17::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_23::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_25::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_27::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_29::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_34::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_36::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_42::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_44::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_51::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_56::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_58::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_60::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_65::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_68::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_69::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_72::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81:take_74::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:-::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_14::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_22::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_30::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_38::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_44::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_45::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_55::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_61::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_66::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_75::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_78::::-::*
cpe:2.3:a:checkpoint:ssl_network_extender:r81.10:take_9::::-::*

No data.

References

Link	Providers
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk180271

History

No history.

MITRE

Status: PUBLISHED

Assigner: checkpoint

Published: 2022-11-30T00:00:00

Updated: 2024-08-03T03:51:45.988Z

Reserved: 2022-01-19T00:00:00

Link: CVE-2022-23746

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-11-30T19:15:10.310

Modified: 2022-12-06T15:49:50.240

Link: CVE-2022-23746

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object