https://community.checkpoint.com/t5/General-Topics/sk181427-Check-Point-response-to-CVE-2022-4450-and-CVE-2022-4304/m-p/191943#M32157 <P>hi folks,</P> <P>&nbsp;</P> <P>anyone particularly concerned about those CVE's? does anyone uses SSL Enc/Decr. on the GW and need OpenSSL to be bumped to the 1.1.1t or 4?</P> Thu, 07 Sep 2023 16:29:56 GMT Jerry 2023-09-07T16:29:56Z https://community.checkpoint.com/t5/General-Topics/sk181427-Check-Point-response-to-CVE-2022-4450-and-CVE-2022-4304/m-p/191943#M32157 <P>hi folks,</P> <P>&nbsp;</P> <P>anyone particularly concerned about those CVE's? does anyone uses SSL Enc/Decr. on the GW and need OpenSSL to be bumped to the 1.1.1t or 4?</P> Thu, 07 Sep 2023 16:29:56 GMT https://community.checkpoint.com/t5/General-Topics/sk181427-Check-Point-response-to-CVE-2022-4450-and-CVE-2022-4304/m-p/191943#M32157 Jerry 2023-09-07T16:29:56Z https://community.checkpoint.com/t5/General-Topics/sk181427-Check-Point-response-to-CVE-2022-4450-and-CVE-2022-4304/m-p/191964#M32159 <P>Hey bro,</P> <P>Just checked that sk and all it says is below. Not sure when it will be updated.</P> <P>Andy</P> <P>&nbsp;</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Screenshot_1.png" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/22383i08D3CA115CE90132/image-size/medium?v=v2&amp;px=400" role="button" title="Screenshot_1.png" alt="Screenshot_1.png" /></span></P> <P> </P> <P>&nbsp;</P> <P>&nbsp;</P> Thu, 07 Sep 2023 20:00:17 GMT https://community.checkpoint.com/t5/General-Topics/sk181427-Check-Point-response-to-CVE-2022-4450-and-CVE-2022-4304/m-p/191964#M32159 the_rock 2023-09-07T20:00:17Z https://community.checkpoint.com/t5/General-Topics/sk181427-Check-Point-response-to-CVE-2022-4450-and-CVE-2022-4304/m-p/193130#M32325 <P>What blades/services are affected?!</P> Wed, 20 Sep 2023 07:03:23 GMT https://community.checkpoint.com/t5/General-Topics/sk181427-Check-Point-response-to-CVE-2022-4450-and-CVE-2022-4304/m-p/193130#M32325 D_W 2023-09-20T07:03:23Z https://community.checkpoint.com/t5/General-Topics/sk181427-Check-Point-response-to-CVE-2022-4450-and-CVE-2022-4304/m-p/193137#M32326 <P>AFAIK:</P> <P>&nbsp;</P> <P data-ogsb="white"><SPAN><STRONG><I>What is known – and publicly documented – is the infrastructure of the Mobile Access Blade and related Multi-Portal used for terminating HTTPS connections on the gateway. &nbsp;</I></STRONG></SPAN></P> <P data-ogsb="white"><SPAN><STRONG><I>Another instance in Gaia terminating HTTPS connections is the Gaia Portal.</I></STRONG></SPAN></P> <P data-ogsb="white"><SPAN><STRONG><I>This portal is available on Management and Log servers as they are based on Gaia, as well on the gateway’s side.</I></STRONG></SPAN></P> <P data-ogsb="white"><SPAN><STRONG><I>&nbsp;</I></STRONG></SPAN></P> <P data-ogsb="white"><SPAN><STRONG><I>The Security capabilities such as IPS and/or Application control are working independently of the multi-portal infrastructure, thus not vulnerable.</I></STRONG></SPAN></P> Wed, 20 Sep 2023 08:49:33 GMT https://community.checkpoint.com/t5/General-Topics/sk181427-Check-Point-response-to-CVE-2022-4450-and-CVE-2022-4304/m-p/193137#M32326 Jerry 2023-09-20T08:49:33Z