cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

IPS Signature CVE-2020-0601

Hi,

 

Did you manage to trigger CVE-2020-0601 IPS protection?

I tried using

- Check Point R80.30

- strict and optimised profile

- with and without SSL Inspection

- using vulnerable OS

- Test page: http://testcve.kudelskisecurity.com/

 

Results:

Without SSL inspection is unable to detect attack.

With SSL inspection I have: Internal system error in HTTPS Inspection (Error Code: 2), Bypassing request as configured in engine settings of HTTPS Inspection

 

Does somebody know what conndition have to be meet to trigger this IPS protection?

 

Best Regards

Maciej

 

 

 

 

0 Kudos
1 Reply
Highlighted
Admin
Admin

Re: IPS Signature CVE-2020-0601

HTTPS Inspection should fail the connection if it performs validation on the certificate (unless you've explicitly disabled that feature).
But perhaps what's happening is it's encountering something unexpected and "failing open" as a result.
Either way, it's puzzling and a TAC case should probably be opened.
0 Kudos