Lucene search

MitreCVE-2006-5416

HistoryOct 20, 2006 - 2:07 p.m.

CVE-2006-5416

2006-10-2014:07:00

mitre

web.nvd.nist.gov

cve-2006-5416

cross-site scripting

xss

f5 networks

firepass

ssl vpn

nvd

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.013

Percentile

86.2%

JSON

Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Networks FirePass 1000 SSL VPN 5.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the sid parameter.

Affected configurations

Nvd

Node

f5firepass_1000Match5.5

VendorProductVersionCPE
f5firepass_10005.5cpe:2.3:h:f5:firepass_1000:5.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
f5	firepass_1000	5.5	cpe:2.3:h:f5:firepass_1000:5.5:::::::*

References

secunia.com/advisories/22444/

securityreason.com/securityalert/1752

securitytracker.com/id?1017076

www.procheckup.com/Vulner_PR0603b.php

www.securityfocus.com/archive/1/448935/100/0/threaded

www.securityfocus.com/bid/20583

www.vupen.com/english/advisories/2006/4083

exchange.xforce.ibmcloud.com/vulnerabilities/29631

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.013

Percentile

86.2%

JSON

Related for CVE-2006-5416