CVE-2006-6967: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly i...

Description

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). In addition, it describes standard behavior (publication of revocation lists) and as such does not cross privilege boundaries. Notes: the former description is: "Check Point FireWall-1 allows remote attackers to obtain certificate revocation lists (CRLs) and other unspecified sensitive information via an HTTP request for the top-level URI on the internal certificate authority (ICA) port (18264/tcp).

Timeline

Published: Feb 4, 2007
Last Modified: Nov 7, 2023
Status: Rejected

Frequently Asked Questions

What is CVE-2006-6967?

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). In addition, it describes standard behavior (publication of revocation lists) and as such does not cross privilege boundaries. Notes: the former description is: "Check Point FireWall-1 allows remote attackers to obtain certificate revocation lists (CRLs) and other unspecified sensitive information via an HTTP request for the top-level URI on the internal certificate authority (ICA) port (18264/tcp).

How severe is CVE-2006-6967?

Severity scoring for CVE-2006-6967 is pending analysis.

How do I fix CVE-2006-6967?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.