Vulnerabilities > CVE-2007-3464 - Denial-Of-Service vulnerability in Safe At Office 500 Utm
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE network
sofaware
Summary
Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, does not require entry of the old password when changing the admin password, which might allow attackers to gain privileges by conducting a CSRF attack, making a password change on an unattended workstation, or other vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 1 |