CVE-2026-48134: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in checkpoint Quantum Security Gateway
When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to disruptions such as loss of stored incident entries, incorrect handling of pending approvals, or resource impact if the issue is abused repeatedly. Exposure is reduced if the UserCheck Portal is not accessible from untrusted networks.
AI Analysis
Technical Summary
This vulnerability involves improper neutralization of special elements in SQL commands (CWE-89) within the UserCheck Web Portal of Check Point Quantum Security Gateway when DLP is enabled. Specifically, the UserChoice flow on the UserCheck Ask page does not properly sanitize input, enabling an attacker with access to this page to manipulate stored incident information. Affected versions include R81.10 and below up to certain Jumbo Hotfix Takes on R81.20, R82, and R82.10. The CVSS 3.1 base score is 7.6, indicating a high severity with network attack vector, low attack complexity, requiring low privileges but no user interaction, and impacts include low confidentiality, high integrity, and low availability impacts.
Potential Impact
Successful exploitation can lead to manipulation or loss of stored DLP/UserCheck incident data, incorrect processing of pending approvals, and potential resource exhaustion if the vulnerability is repeatedly exploited. This could disrupt normal incident handling and affect the integrity and availability of incident information within the security gateway. Confidentiality impact is rated low, indicating limited data disclosure risk.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Exposure can be reduced by restricting access to the UserCheck Portal from untrusted networks. Until an official fix is available, limit UserCheck Portal accessibility and monitor for unusual activity related to incident data manipulation.
CVE-2026-48134: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in checkpoint Quantum Security Gateway
Description
When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to disruptions such as loss of stored incident entries, incorrect handling of pending approvals, or resource impact if the issue is abused repeatedly. Exposure is reduced if the UserCheck Portal is not accessible from untrusted networks.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves improper neutralization of special elements in SQL commands (CWE-89) within the UserCheck Web Portal of Check Point Quantum Security Gateway when DLP is enabled. Specifically, the UserChoice flow on the UserCheck Ask page does not properly sanitize input, enabling an attacker with access to this page to manipulate stored incident information. Affected versions include R81.10 and below up to certain Jumbo Hotfix Takes on R81.20, R82, and R82.10. The CVSS 3.1 base score is 7.6, indicating a high severity with network attack vector, low attack complexity, requiring low privileges but no user interaction, and impacts include low confidentiality, high integrity, and low availability impacts.
Potential Impact
Successful exploitation can lead to manipulation or loss of stored DLP/UserCheck incident data, incorrect processing of pending approvals, and potential resource exhaustion if the vulnerability is repeatedly exploited. This could disrupt normal incident handling and affect the integrity and availability of incident information within the security gateway. Confidentiality impact is rated low, indicating limited data disclosure risk.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Exposure can be reduced by restricting access to the UserCheck Portal from untrusted networks. Until an official fix is available, limit UserCheck Portal accessibility and monitor for unusual activity related to incident data manipulation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- checkpoint
- Date Reserved
- 2026-05-20T19:29:00.635Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a15a0f3891d628fdc365e76
Added to database: 5/26/2026, 1:32:35 PM
Last enriched: 5/26/2026, 1:47:21 PM
Last updated: 5/26/2026, 4:04:35 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.