CVE-2024-24914

CVSS 3.1 Score 8 of 10 (high)

Details

Published Nov 7, 2024

Updated: Nov 8, 2024

CWE ID 914

Summary

CVE-2024-24914 is a newly disclosed vulnerability that allows authenticated Gaia users to inject code or commands through the use of special HTTP requests by manipulating global variables. This issue poses a serious security risk as it can be exploited to gain unauthorized access or execute malicious code. Gaia users are advised to apply the available security fix to mitigate this vulnerability and protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Cluster XL
Checkpoint Security Gateway
Quantum Maestro

Affected Vendors

Check Point Software Technologies Ltd.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uXaQt-
https://www.cve.org/CVERecord?id=CVE-2024-24914
https://nvd.nist.gov/vuln/detail/CVE-2024-24914

Back to Vulnerability Database