CVE-2022-23744

Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:checkpoint:endpoint_security:e83:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e84:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e85:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e86.10:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e86.20:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e86.30:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e86.40:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e83:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e84:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e85:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e86.10:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e86.20:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e86.30:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e86.40:*:*:*:*:*:*:*

History

15 Jul 2022, 14:55

Type Values Removed Values Added
References (MISC) https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk179609 - (MISC) https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk179609 - Vendor Advisory
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown
v2 : 2.1
v3 : 2.3
CPE cpe:2.3:a:checkpoint:harmony_endpoint:e86.10:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e86.30:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e86.10:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e83:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e86.40:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e86.40:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e84:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e86.30:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e85:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e86.20:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e83:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_endpoint:e84:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e86.20:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security:e85:*:*:*:*:*:*:*

08 Jul 2022, 18:15

Type Values Removed Values Added
Summary Check Point Endpoint Security Client E83 through E86 before E86.50 does not protect against a specific registry modification, and thus allows a local administrator to disable endpoint protection. Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.

07 Jul 2022, 21:15

Type Values Removed Values Added
Summary ZoneAlarm Anti-Bad-Stuff before version 15.8.109.18436 allow an attacker to do really bad stuff when the user aims a light-saber to the ZoneAlarm UI. Check Point Endpoint Security Client E83 through E86 before E86.50 does not protect against a specific registry modification, and thus allows a local administrator to disable endpoint protection.

07 Jul 2022, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-07-07 16:15

Updated : 2024-02-04 22:51


NVD link : CVE-2022-23744

Mitre link : CVE-2022-23744

CVE.ORG link : CVE-2022-23744


JSON object : View

Products Affected

checkpoint

  • harmony_endpoint
  • endpoint_security
CWE
NVD-CWE-noinfo CWE-470

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')