Lucene search

[email protected]NVD:CVE-2012-1777

HistoryApr 05, 2012 - 2:55 p.m.

CVE-2012-1777

2012-04-0514:55:05

CWE-89

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.7%

JSON

SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 allows remote attackers to execute arbitrary SQL commands via the state parameter.

Affected configurations

NVD

Node

f5firepassMatch6.0

f5firepassMatch6.1.0

f5firepassMatch7.0.0

References

packetstormsecurity.org/files/111276/F5-FirePass-SSL-VPN-6.x-7.x-SQL-Injection.html

seclists.org/fulldisclosure/2012/Mar/324

secunia.com/advisories/48455

support.f5.com/kb/en-us/solutions/public/13000/400/sol13463.html

www.securitytracker.com/id?1026834

exchange.xforce.ibmcloud.com/vulnerabilities/74198

exchange.xforce.ibmcloud.com/vulnerabilities/74450

www.sec-consult.com/files/20120328-0_F5_FirePass_SSL_VPN_unauthenticated_remote_root_v1.0.txt

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.7%

JSON

Related for NVD:CVE-2012-1777

cve2 f52 prion2 packetstorm1 openvas1 cvelist2 nvd1