Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Maciej_Maczka
Contributor

IPS Signature CVE-2020-0601

Hi,

 

Did you manage to trigger CVE-2020-0601 IPS protection?

I tried using

- Check Point R80.30

- strict and optimised profile

- with and without SSL Inspection

- using vulnerable OS

- Test page: http://testcve.kudelskisecurity.com/

 

Results:

Without SSL inspection is unable to detect attack.

With SSL inspection I have: Internal system error in HTTPS Inspection (Error Code: 2), Bypassing request as configured in engine settings of HTTPS Inspection

 

Does somebody know what conndition have to be meet to trigger this IPS protection?

 

Best Regards

Maciej

 

 

 

 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

HTTPS Inspection should fail the connection if it performs validation on the certificate (unless you've explicitly disabled that feature).
But perhaps what's happening is it's encountering something unexpected and "failing open" as a result.
Either way, it's puzzling and a TAC case should probably be opened.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events