CVE-2024-24911

Summary

In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache.

Affected Software

VendorProductVersion RangeStatus
checkpointMulti-Domain Security Management, Quantum Security ManagementQuantum Security Management R81 (EOS), R81.10, R81.20affected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References