CVE-2007-0188

3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.8%
top 25.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
F5 Firepass
Timeline
PublishedJan 12
Latest updateMay 1

Description

F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses a single integer (dword) representation of an IP address ("dotless IP address"), which allows remote authenticated users to connect to the FirePass administrator console and certain other network resources.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

â–¶NVDf5/firepass14 versions+13

đź”´Vulnerability Details

2
GHSA
GHSA-c9fx-9g6g-3jxc: F5 FirePass 5↗2022-05-01
â–¶
CVEList
CVE-2007-0188: F5 FirePass 5↗2007-01-11
â–¶
CVE-2007-0188 (MEDIUM CVSS 6.5) | F5 FirePass 5.4 through 5.5.1 does | cvebase.io