This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Tomer_Noy
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2024-06-06 01:41 AM
In response to the_rock

Just to clarify, the originally released HF fixed the CVE vulnerability for the Remote Access portal.

After releasing that HF, we found that cccd process was not patched, therefore instructed people to deactivate cccd if their configuration allows potential use of the vulnerability (and we include that statement in the script output). Remember that cccd is off-by-default, but we wanted to be extra careful in case someone activated it manually.

The JHFs that we recently released include a fix / patch for cccd as well. That's why when using JHFs it's no longer important to deactivate cccd and we don't warn that it's vulnerable in the script.

(1)
Who rated this post