{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T00:34:58.595","vulnerabilities":[{"cve":{"id":"CVE-2021-30360","sourceIdentifier":"cve@checkpoint.com","published":"2022-01-10T14:10:17.190","lastModified":"2024-11-21T06:03:56.813","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges."},{"lang":"es","value":"Los usuarios tienen acceso al directorio donde se produce la reparación de la instalación. Dado que el instalador de MS permite a usuarios normales ejecutar la reparación, un atacante puede iniciar la reparación de la instalación y colocar un EXE especialmente diseñado en la carpeta de reparación que es ejecutada con los privilegios del cliente de acceso remoto de Check Point"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cve@checkpoint.com","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:checkpoint:endpoint_security:*:*:*:*:*:windows:*:*","versionEndExcluding":"e86.20","matchCriteriaId":"4348CDFA-DAE5-403C-BFFD-280C803A16CA"}]}]}],"references":[{"url":"https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0001/MNDT-2022-0001.md","source":"cve@checkpoint.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://supportcontent.checkpoint.com/solutions?id=sk176853","source":"cve@checkpoint.com","tags":["Product","Vendor Advisory"]},{"url":"https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0001/MNDT-2022-0001.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://supportcontent.checkpoint.com/solutions?id=sk176853","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]}]}}]}