topic CVE-2020-15862 - Net-SNMP through 5.7.3 has Improper Privilege Management if write access is enabled in Firewall and Security Management

CVE-2020-15862 - Net-SNMP through 5.7.3 has Improper Privilege Management if write access is enabled

John_Fleming — Tue, 17 Nov 2020 18:30:02 GMT

I was looking around and maybe i'm missing it, but has checkpoint addressed this issue? I'm not finding anything so far. Granted this seems to require write access be enabled which i'm guessing almost no one uses, but I was looking for some clarification.

Re: CVE-2020-15862 - Net-SNMP through 5.7.3 has Improper Privilege Management if write access is ena

G_W_Albrecht — Tue, 17 Nov 2020 20:47:51 GMT

Fixed in the R80.40 Version: Check Point Gaia releases R77 - R80.30 use 3rd party net-snmp package version 5.4.2.1, Check Point release R80.40 (and above) use net-snmp package version 5.8 (sk158852).

Re: CVE-2020-15862 - Net-SNMP through 5.7.3 has Improper Privilege Management if write access is ena

John_Fleming — Tue, 17 Nov 2020 21:04:17 GMT

Oh great, so will you be posting a patch for anything below R80.40 then?

Re: CVE-2020-15862 - Net-SNMP through 5.7.3 has Improper Privilege Management if write access is ena

John_Fleming — Tue, 17 Nov 2020 21:16:17 GMT

Its kind of unclear, but this seems to be the fixed version in the net-snmp which shows 5.8.1rc1 ?

https://github.com/net-snmp/net-snmp/commit/77f6c60f57dba0aaea5d8ef1dd94bcd0c8e6d205

Re: CVE-2020-15862 - Net-SNMP through 5.7.3 has Improper Privilege Management if write access is ena

PhoneBoy — Mon, 23 Nov 2020 04:53:27 GMT

When we patch an issue in third party code, we don't necessarily rev the version number unless we actually update the relevant codebase to that version.
Specific to this CVE, it appears that this issue requires expert/root on the relevant gateway to exploit.
If you have that kind of access, you can pretty much do anything you want anyway.