clayton@site:~/news$ cat cve-2024-24919-check-point-quantum-security-gateways.log

CVE-2024-24919 — Check Point Quantum Security Gateways Information Disclosure Vulnerability

2024-05-30 • CISA Known Exploited Vulnerability

[event] Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.

> AFFECTED SOFTWARE

Field	Value
Vendor	Check Point
Product	Quantum Security Gateways
CWE	CWE-200
CVE ID	CVE-2024-24919
Date Added	2024-05-30
Due Date	2024-06-20
Ransomware Campaign	Known — this vulnerability has been leveraged in ransomware campaigns

> MITIGATION

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Due Date: 2024-06-20

CVE-2024-24919 — Check Point Quantum Security Gateways Information Disclosure Vulnerability

> AFFECTED SOFTWARE

> MITIGATION

> REFERENCES