Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.
References
| Link | Resource |
|---|---|
| https://support.checkpoint.com/results/sk/sk182743 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
26 Aug 2025, 16:40
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://support.checkpoint.com/results/sk/sk182743 - Vendor Advisory | |
| CPE | cpe:2.3:h:checkpoint:quantum_maestro:-:*:*:*:*:*:*:* cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:* cpe:2.3:h:checkpoint:quantum_6700:-:*:*:*:*:*:*:* cpe:2.3:o:checkpoint:gaia_os:r81:*:*:*:*:*:*:* cpe:2.3:h:checkpoint:quantum_spark:-:*:*:*:*:*:*:* cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:* cpe:2.3:o:checkpoint:gaia_os:r81.10:*:*:*:*:*:*:* cpe:2.3:h:checkpoint:clusterxl:-:*:*:*:*:*:*:* cpe:2.3:h:checkpoint:quantum_scalable_chassis:-:*:*:*:*:*:*:* cpe:2.3:o:checkpoint:gaia_os:r81.20:*:*:*:*:*:*:* cpe:2.3:h:checkpoint:quantum_security_management:-:*:*:*:*:*:*:* |
|
| First Time |
Checkpoint clusterxl
Checkpoint quantum Security Management Checkpoint Checkpoint quantum 6700 Checkpoint gaia Os Checkpoint quantum Maestro Checkpoint multi-domain Management Checkpoint quantum Security Gateway Checkpoint quantum Spark Checkpoint quantum Scalable Chassis |
Information
Published : 2024-11-07 12:15
Updated : 2025-08-26 16:40
NVD link : CVE-2024-24914
Mitre link : CVE-2024-24914
CVE.ORG link : CVE-2024-24914
JSON object : View
Products Affected
checkpoint
- quantum_maestro
- quantum_security_gateway
- gaia_os
- quantum_security_management
- multi-domain_management
- quantum_spark
- clusterxl
- quantum_6700
- quantum_scalable_chassis
CWE
CWE-914
Improper Control of Dynamically-Identified Variables