CVE-2007-0187

3 documents3 sources
Severity
7.5HIGH
EPSS
1.2%
top 20.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
F5 Firepass
Timeline
PublishedJan 12
Latest updateMay 1

Description

F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a trailing null byte, (2) multiple leading slashes, (3) Unicode encoding, (4) URL-encoded directory traversal or same-directory characters, or (5) upper case letters in the domain name.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDf5/firepass14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-4hgg-446h-pr53: F5 FirePass 52022-05-01
CVEList
CVE-2007-0187: F5 FirePass 52007-01-11
CVE-2007-0187 (HIGH CVSS 7.5) | F5 FirePass 5.4 through 5.5.2 and 6 | cvebase.io