Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

quantum_spark

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

2
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2024-24914
Assigner-Check Point Software Ltd.
ShareView Details
Assigner-Check Point Software Ltd.
CVSS Score-8||HIGH
EPSS-0.34% / 55.87%
||
7 Day CHG~0.00%
Published-07 Nov, 2024 | 11:25
Updated-26 Aug, 2025 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.

Action-Not Available
Vendor-Check Point Software Technologies Ltd.
Product-quantum_maestroquantum_security_gatewayquantum_scalable_chassisclusterxlquantum_6700gaia_osmulti-domain_managementquantum_security_managementquantum_sparkClusterXL, Multi-Domain Security Management, Quantum Appliances, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Security Managementquantum_security_gatewayquantum_appliancesquantum_security_managementquantum_maestroquantum_scalable_chassisclusterxlmulti-domain_management
CWE ID-CWE-914
Improper Control of Dynamically-Identified Variables
CVE-2024-24919
Assigner-Check Point Software Ltd.
ShareView Details
Assigner-Check Point Software Ltd.
CVSS Score-8.6||HIGH
EPSS-94.34% / 99.95%
||
7 Day CHG~0.00%
Published-28 May, 2024 | 18:22
Updated-30 Jul, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-06-20||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Information disclosure

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

Action-Not Available
Vendor-Check Point Software Technologies Ltd.
Product-cloudguard_network_securityquantum_sparkquantum_security_gateway_firmwarequantum_security_gatewayquantum_spark_firmwareCheck Point Quantum Gateway, Spark Gateway and CloudGuard Networkquantum_spark_appliancesquantum_security_gateway_firmwarecloudguard_networkQuantum Security Gateways
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor