CVE-2021-30358

Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:checkpoint:mobile_access_portal_agent:r80.20:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:mobile_access_portal_agent:r80.30:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:mobile_access_portal_agent:r80.40:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:mobile_access_portal_agent:r81:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:mobile_access_portal_agent:r81.10:*:*:*:*:*:*:*

History

22 Oct 2021, 18:04

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 6.0
v3 : 7.2
CWE CWE-78
CPE cpe:2.3:a:checkpoint:mobile_access_portal_agent:r80.30:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:mobile_access_portal_agent:r80.20:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:mobile_access_portal_agent:r80.40:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:mobile_access_portal_agent:r81:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:mobile_access_portal_agent:r81.10:*:*:*:*:*:*:*
References (MISC) https://supportcontent.checkpoint.com/solutions?id=sk142952 - (MISC) https://supportcontent.checkpoint.com/solutions?id=sk142952 - Vendor Advisory
References (MISC) https://supportcontent.checkpoint.com/solutions?id=sk175806 - (MISC) https://supportcontent.checkpoint.com/solutions?id=sk175806 - Patch, Vendor Advisory

19 Oct 2021, 14:50

Type Values Removed Values Added
New CVE

Information

Published : 2021-10-19 14:15

Updated : 2024-02-04 22:08


NVD link : CVE-2021-30358

Mitre link : CVE-2021-30358

CVE.ORG link : CVE-2021-30358


JSON object : View

Products Affected

checkpoint

  • mobile_access_portal_agent
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')