https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-response-to-CVE-2024-24914/m-p/233115#M45085 <P>Hey guys,</P> <P>I see this just came out today, hopefully there will be IPS protection soon.</P> <P>Andy</P> <P><A href="https://support.checkpoint.com/results/sk/sk182743" target="_blank">sk182743 - Check Point response to CVE-2024-24914 - TCL substitution of global parameter values</A></P> <P>&nbsp;</P> Tue, 19 Nov 2024 14:14:51 GMT the_rock 2024-11-19T14:14:51Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-response-to-CVE-2024-24914/m-p/233115#M45085 <P>Hey guys,</P> <P>I see this just came out today, hopefully there will be IPS protection soon.</P> <P>Andy</P> <P><A href="https://support.checkpoint.com/results/sk/sk182743" target="_blank">sk182743 - Check Point response to CVE-2024-24914 - TCL substitution of global parameter values</A></P> <P>&nbsp;</P> Tue, 19 Nov 2024 14:14:51 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-response-to-CVE-2024-24914/m-p/233115#M45085 the_rock 2024-11-19T14:14:51Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-response-to-CVE-2024-24914/m-p/233154#M45086 <P>Always good to fix, but the SK says: "<SPAN>After logging in to Gaia Portal, authenticated users"</SPAN></P> <P><SPAN>After this point an attacker has already a lot of access in the network. I hope all admin's restrict access to the gaia portal.&nbsp;</SPAN></P> <P><SPAN>Only thing I can think of is that for example a read-only users logs in and uses this CVE to gain more access then only RO.&nbsp;</SPAN></P> Tue, 19 Nov 2024 18:32:48 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-response-to-CVE-2024-24914/m-p/233154#M45086 Lesley 2024-11-19T18:32:48Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-response-to-CVE-2024-24914/m-p/233172#M45091 <P>Thats a good point, agree.</P> Tue, 19 Nov 2024 20:24:04 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-response-to-CVE-2024-24914/m-p/233172#M45091 the_rock 2024-11-19T20:24:04Z