This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
John_Fleming
Advisor
‎2020-11-17 10:30 AM

CVE-2020-15862 - Net-SNMP through 5.7.3 has Improper Privilege Management if write access is enabled

I was looking around and maybe i'm missing it, but has checkpoint addressed this issue? I'm not finding anything so far. Granted this seems to require write access be enabled which i'm guessing almost no one uses, but I was looking for some clarification. 

0 Kudos
4 Replies
G_W_Albrecht
Legend
Legend
‎2020-11-17 12:47 PM

Fixed in the R80.40 Version: Check Point Gaia releases R77 - R80.30 use 3rd party net-snmp package version 5.4.2.1, Check Point release R80.40 (and above) use net-snmp package version 5.8 (sk158852).

CCSE CCTE CCSM SMB Specialist
0 Kudos
John_Fleming
Advisor
‎2020-11-17 01:04 PM
In response to G_W_Albrecht

Oh great, so will you be posting a patch for anything below R80.40 then?

0 Kudos
John_Fleming
Advisor
‎2020-11-17 01:16 PM
In response to John_Fleming

Its kind of unclear, but this seems to be the fixed version in the net-snmp which shows 5.8.1rc1 ?

 

https://github.com/net-snmp/net-snmp/commit/77f6c60f57dba0aaea5d8ef1dd94bcd0c8e6d205

 

0 Kudos
PhoneBoy
Admin
Admin
‎2020-11-22 08:53 PM
In response to John_Fleming

When we patch an issue in third party code, we don't necessarily rev the version number unless we actually update the relevant codebase to that version.
Specific to this CVE, it appears that this issue requires expert/root on the relevant gateway to exploit.
If you have that kind of access, you can pretty much do anything you want anyway.

0 Kudos