A cross-site scripting (XSS) vulnerabilityâCVE-2007-6704âexists in the FirePass logon page when a pre-logon sequence is enabled. The affected FirePass URL fails to fully sanitize URL input before the web page content is sent to the browser.
It is possible for an attacker to create web pages, emails, or other media containing hyperlinks to the vulnerable FirePass web page, which may include executable code or other malicious data. If you follow the hyperlink to the FirePass controller, the affected web page will be returned to your browser with the malicious content. This issue could result in code execution on the client side, leading to the disclosure of sensitive information or other exploits.
Note: Pre-logon sequences are configured on the Users: Endpoint Security: Pre-Logon Sequence page in the FirePass Administrative Console.
Information about this advisory is available at the following location:
F5 Product Development tracked this issue as CR85003 and it was fixed in FirePass 6.0.2. For information about upgrading, refer to the FirePass release notes.
This issue still exists in the FirePass 5.x branch.
Additionally, this issue has been fixed in Hotfix--60073-85003, which has been issued for FirePass 5.5 and 5.5.1, cumulative HF-552-11, which has been issued for FirePass 5.5.2, and cumulative HF-601-6, which has been issued for FirePass 6.0.1. You may download these hotfixes or later versions of the cumulative hotfix from the F5 Downloads site.
For instructions about obtaining a hotfix, refer to SOL167: Downloading software from F5.
For instructions about installing a hotfix, refer to SOL3430: Installing FirePass hotfixes.