Information Disclosure in Identity Agent Registry Keys_CVE-2025-8304

6.5 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Description

An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being accessible in the Windows Registry keys for Check Point Identity Agent running on a Terminal Server.

Basic Information

ID CVE-2025-8304

Source checkpoint

Published Dec 22, 2025 at 07:57

Affected Product

Vendor checkpoint

Product Identity Agent

Version Check Point Identity Agent Multi User Host Agent under version 81.084.0000

Affected Versions checkpoint Identity Agent Check Point Identity Agent Multi User Host Agent under version 81.084.0000

CWE Classification

CWE-200

References

support.checkpoint.com /results/sk/sk184263

{
    "lastseen": "",
    "description": "An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being accessible in the Windows Registry keys for Check Point Identity Agent running on a Terminal Server.",
    "published": "2025-12-22T07:57:50.103Z",
    "modified": "2025-12-22T07:57:50.103Z",
    "type": "cve",
    "title": "Information Disclosure in Identity Agent Registry Keys",
    "source": "checkpoint",
    "references": "https://support.checkpoint.com/results/sk/sk184263",
    "id": "CVE-2025-8304",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "checkpoint Identity Agent Check Point Identity Agent Multi User Host Agent under version 81.084.0000",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Identity Agent",
    "version": "Check Point Identity Agent Multi User Host Agent under version 81.084.0000",
    "vendor": "checkpoint",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}