Lucene search

[email protected]CVE-2007-6704

HistoryMar 05, 2008 - 11:44 p.m.

CVE-2007-6704

2008-03-0523:44:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2007-6704

cross-site scripting

xss

f5 firepass 4100

ssl vpn

security vulnerability

nvd

5.9 Medium

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3.

CPENameOperatorVersion
f5:firepass_4100f5 firepass 4100eq5.4.7
f5:firepass_4100f5 firepass 4100eq5.4.3
f5:firepass_4100f5 firepass 4100eq5.4.1
f5:firepass_4100f5 firepass 4100eq5.4.6
f5:firepass_4100f5 firepass 4100eq5.5.2
f5:firepass_4100f5 firepass 4100eq5.4.4
f5:firepass_4100f5 firepass 4100eq5.4.9
f5:firepass_4100f5 firepass 4100eq5.4.8
f5:firepass_4100f5 firepass 4100eq5.5.1
f5:firepass_4100f5 firepass 4100eq6.0

CPE	Name	Operator	Version
f5:firepass_4100	f5 firepass 4100	eq	5.4.7
f5:firepass_4100	f5 firepass 4100	eq	5.4.3
f5:firepass_4100	f5 firepass 4100	eq	5.4.1
f5:firepass_4100	f5 firepass 4100	eq	5.4.6
f5:firepass_4100	f5 firepass 4100	eq	5.5.2
f5:firepass_4100	f5 firepass 4100	eq	5.4.4
f5:firepass_4100	f5 firepass 4100	eq	5.4.9
f5:firepass_4100	f5 firepass 4100	eq	5.4.8
f5:firepass_4100	f5 firepass 4100	eq	5.5.1
f5:firepass_4100	f5 firepass 4100	eq	6.0

Rows per page:

1-10 of 141

References

secunia.com/advisories/27904

securityreason.com/securityalert/3712

www.osvdb.org/38980

www.osvdb.org/38981

www.procheckup.com/Vulnerability_PR07-14.php

www.procheckup.com/Vulnerability_PR07-15a.php

www.securityfocus.com/archive/1/484411/100/0/threaded

www.securityfocus.com/archive/1/484413/100/0/threaded

www.securityfocus.com/archive/1/492511/100/0/threaded

www.securityfocus.com/bid/26659

www.securityfocus.com/bid/26661

www.securitytracker.com/id?1019031

exchange.xforce.ibmcloud.com/vulnerabilities/38785

exchange.xforce.ibmcloud.com/vulnerabilities/38795

support.f5.com/kb/en-us/solutions/public/7000/900/SOL7923.html

Social References

5.9 Medium

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for CVE-2007-6704

f51 cvelist1 prion1