This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Pawel_Szetela
Contributor
‎2021-03-25 11:21 AM

CVE-2021-3449

Hello Everyone,

Is there any news on the CVE-2021-3449 in Check Point products?

https://www.openssl.org/news/vulnerabilities.html

Regards,

17 Replies
genisis__
Mentor Mentor
Mentor
‎2021-03-25 01:09 PM

Not 100% but I believe Open SSL was updated to v1.1.1i in the following:

R81 JHFA13

R80.40 JHFA100

 Not aware of another fix so it sounds like Checkpoint may included this in a later fix  after they confirm Checkpoint appliances are affected.

0 Kudos
Pawel_Szetela
Contributor
‎2021-03-25 01:16 PM
In response to genisis__

Fixed in OpenSSL 1.1.1k - Affected 1.1.1-1.1.1j

0 Kudos
genisis__
Mentor Mentor
Mentor
‎2021-03-25 01:17 PM
In response to Pawel_Szetela

Sounds like Checkpoint need to release a new Jumbo, may I suggest raising a TAC case to help speed this up.

0 Kudos
JozkoMrkvicka
Authority
Authority
‎2021-03-25 02:33 PM

Relevant sk where should be all OpenSSL CVEs is not yet updated:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Kind regards,
Jozko Mrkvicka
0 Kudos
_Val_
Admin
Admin
‎2021-03-26 03:16 AM

We are planning to fix it in the upcoming Jumbo. If you need immediate targeted fix, please open a case with TAC.

0 Kudos
genisis__
Mentor Mentor
Mentor
‎2021-03-26 03:25 AM
In response to _Val_

Will this be integrated into JHF100 FOR r80.40 as this is still ongoing take? and equal in JHFA23 for R81?

0 Kudos
_Val_
Admin
Admin
‎2021-03-26 03:57 AM
In response to genisis__

Still ongoing for both. More details can be available from TAC through a case.

0 Kudos
matangi
Employee
Employee
‎2021-03-29 04:42 AM

Hi all,

We just updated sk92447, we will keep updating it once we complete the analysis for CVE-2021-3449

Pawel_Szetela
Contributor
‎2021-04-08 11:13 PM
In response to matangi

Hello,

2 weeks and still no news about CVE-2021-3449?

Regards,

genisis__
Mentor Mentor
Mentor
‎2021-04-11 02:33 AM
In response to matangi

When will the analysis phase be completed? Consider Checkpoint are a Security vendor its pretty poor show that this is taking so long to either fix or confirm there product is not vulnerable.

More interesting question, if a vendor device is compromised, after the vendor has acknowledge said issue but not yet resolved it, could they be liable for any loss of earnings or reputation damage...interest scenario to think of.

Is there a legal grace period in which the vendor would have to analysis, and release a statement, which would cover them and customers?

0 Kudos
JanVC
Collaborator
‎2021-04-11 11:54 PM
In response to genisis__

https://supportcontent.checkpoint.com/solutions?id=sk172983

statement released

0 Kudos
_Val_
Admin
Admin
‎2021-04-12 12:06 AM
In response to genisis__

There is an official statement now available:  Response to OpenSSL CVE-2021-3449

0 Kudos
Benedikt_Weissl
Advisor
‎2021-04-12 01:07 AM
In response to _Val_

Just to be sure: Gaia embedded is not vulnerable?

0 Kudos
genisis__
Mentor Mentor
Mentor
‎2021-04-12 01:13 AM
In response to Benedikt_Weissl

Thanks All.

0 Kudos
matangi
Employee
Employee
‎2021-04-12 01:14 AM
In response to Benedikt_Weissl

Gaia embedded is not vulnerable 
R80.20 based versions are not vulnerable

 

genisis__
Mentor Mentor
Mentor
‎2021-04-14 05:48 AM
In response to matangi

Take 102 has now been release which addresses this CVE

Manning
Employee
Employee
‎2021-04-26 01:55 PM
In response to matangi

Do you mean R80.40 or R80.20? Was this a typo? 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events