CVE-2024-52885

Medium CVSS: 5.0

The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway.

Vendor

Checkpoint

Product

Mobile Access

CWE

CWE-35

Yayın Tarihi

2025-08-06 15:15:31

Güncelleme

2025-08-27 14:21:06

Source Identifier

cve@checkpoint.com

KEV Date Added

Kategoriler

CWE-35 Mobile Access MEDIUM Checkpoint 2025

Referanslar

https://support.checkpoint.com/results/sk/sk183137

Benzer Kayıtlar

High

CVE-2025-3831

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties.

Medium

CVE-2025-2028

Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying coun…

Medium

CVE-2024-24915

Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump…

Medium

CVE-2024-24916

Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution…

Low

CVE-2024-52887

Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing…

Medium

CVE-2024-52888

For an authenticated end-user the portal may run a script while attempting to display a directory or some file's propert…