CVE-2007-0186

Severity Score

6.8

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN allow remote attackers to inject arbitrary web script or HTML via (1) the xcho parameter to my.logon.php3; the (2) topblue, (3) midblue, (4) wtopblue, and certain other Custom color parameters in a per action to vdesk/admincon/index.php; the (5) h321, (6) h311, (7) h312, and certain other Front Door custom text color parameters in a per action to vdesk/admincon/index.php; the (8) ua parameter in a bro action to vdesk/admincon/index.php; the (9) app_param and (10) app_name parameters to webyfiers.php; (11) double eval functions; (12) JavaScript contained in an <FP_DO_NOT_TOUCH> element; and (13) the vhost parameter to my.activation.php. NOTE: it is possible that this candidate overlaps CVE-2006-3550.

Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en F5 FirePass SSL VPN permiten a atacantes remotos inyectar script web o HTML arbitrario por medio de (1) el parámetro xcho en el archivo my.logon.php3; los parámetros (2) topblue, (3) midblue, (4) wtopblue y ciertos otros parámetros de color personalizados en una acción per en el archivo vdesk/admincon/index.php; los parámetros (5) h321, (6) h311, (7) h312 y ciertos otros parámetros de color de texto personalizados de la Front Door en una acción per en el archivo vdesk/admincon/index.php; el (8) parámetro ua en una acción bro en el archivo vdesk/admincon/index.php; los parámetros (9) app_param y (10) app_name en el archivo webyfiers.php; (11) funciones de doble eval; (12) JavaScript contenido en un elemento (FP_DO_NOT_TOUCH); y (13) el parámetro vhost en el archivo my.activation.php. NOTA: es posible que este candidato se solapa con CVE-2006-3550.

*Credits: N/A

CVSS Scores

NISTv2 6.8

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-01-10 CVE Reserved
2007-01-11 CVE Published
2024-04-16 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (14)

URL	Tag	Source
http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051651.html	Mailing List
http://secunia.com/advisories/23627	Third Party Advisory
http://secunia.com/advisories/23643	Third Party Advisory
http://www.mnin.org/advisories/2007_firepass.pdf	X_refsource_misc
http://www.osvdb.org/32737	Vdb Entry
http://www.osvdb.org/32738	Vdb Entry
http://www.osvdb.org/32739	Vdb Entry
http://www.osvdb.org/32740	Vdb Entry
http://www.osvdb.org/32741	Vdb Entry
http://www.osvdb.org/32742	Vdb Entry
http://www.osvdb.org/32743	Vdb Entry
http://www.securityfocus.com/bid/21957	Vdb Entry
https://tech.f5.com/home/solutions/sol6919.html	X_refsource_confirm
https://tech.f5.com/home/solutions/sol6920.html	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
F5 Search vendor "F5"		Firepass 4100 Search vendor "F5" for product "Firepass 4100"				*		-		Affected