Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Alex_Lewis
Contributor

IPS Protection for MOVEit Transfer SQL Injection (CVE-2023-34362)

I am curious what metrics Check Point used for the "MOVEit Transfer SQL Injection (CVE-2023-34362)" IPS protection. The only thing it seems effective at is stopping any and all uploads through the MoveIt Transfer web portal, including non-malicious file uploads to a patched MoveIt Transfer server.

0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee

Would recommend raising a TAC case to investigate further.

https://help.checkpoint.com

 

Refer also:

https://advisories.checkpoint.com/defense/advisories/public/2023/cpai-2023-0386.html/

CCSM R77/R80/ELITE
0 Kudos
alec_dalessandr
Explorer

@Alex_Lewis 

 

Was there any response or follow up with with, just curious as to what it actually blocks as well. As we have it enabled, in the IPS protectors.

 

-Alec D'Alessandro

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Note the resource linked above indicates the corresponding IPS protection was last updated a week after my original post. 

Suggest discussing further with TAC or your SE if its important to you however I suspect additional insights will be somewhat restricted/limited. 

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events