GCVE - cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Checkpoint (`963cc759-0773-5380-992a-923d56af82ce`)
Product	Multi Domain Management (`836111bd-dd85-5fd6-b939-a39899e61ef3`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-24914`	not_vulnerable	2026-06-03 14:55:06.068828	Details available HIGH (8) Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available. Published: 2024-11-07T11:25:53.238Z Updated: 2024-11-07T17:33:31.286Z Open on db.gcve.eu Reference links https://support.checkpoint.com/results/sk/sk182743	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-24911`	not_vulnerable	2026-06-03 14:55:06.052357	Out of Bounds read in the CPCA process on Check Point Management Server MEDIUM (5.3) In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache. Published: 2025-02-06T13:46:11.824Z Updated: 2025-02-06T14:11:48.901Z Open on db.gcve.eu Reference links https://support.checkpoint.com/results/sk/sk183101	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-3449`	not_vulnerable	2026-06-03 14:45:11.170545	NULL pointer deref in signature_algorithms processing An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). Published: 2021-03-25T14:25:13.659Z Updated: 2024-09-17T03:43:55.497Z Open on db.gcve.eu Reference links https://www.openssl.org/news/secadv/20210325.txt https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://www.debian.org/security/2021/dsa-4875 http://www.openwall.com/lists/oss-security/2021/03/27/1	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.