K6922: Decimal-encoded IP address circumvents Accessibility Scope

Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...

K6924: Insertion of special characters in URL path circumvents Accessibility Scope and Access Control Lists

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

K6916: Case change in URL host name circumvents Accessibility Scope

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

SOL6924 - Insertion of special characters in URL path circumvents Accessibility Scope and Access Control Lists

It is possible to bypass the Deny list, configured in the Accessibility Scope section located on the Portal Access: Web Applications: Master Group Settings page, by inserting certain special characters into a URL path. In FirePass version 6.0, this issue also applies to the Deny list configured...

SOL6922 - Decimal-encoded IP address circumvents Accessibility Scope

It is possible to bypass the Deny list configured in the Accessibility Scope section of the Portal Access: Web Applications: Master Group Settings page using a URL with a decimal-encoded IP address. When you log in to the FirePass Webtop, you can enter a URL into the Webtop Address Bar if the...