CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-6704

Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.122

EPSS Ranking 93.6%

CVSS Severity

CVSS v2 Score 2.6

References

Products affected by CVE-2007-6704

F5 » Firepass 4100 » Version: 5.4.1

cpe:2.3:h:f5:firepass_4100:5.4.1
F5 » Firepass 4100 » Version: 5.4.2

cpe:2.3:h:f5:firepass_4100:5.4.2
F5 » Firepass 4100 » Version: 5.4.3

cpe:2.3:h:f5:firepass_4100:5.4.3
F5 » Firepass 4100 » Version: 5.4.4

cpe:2.3:h:f5:firepass_4100:5.4.4
F5 » Firepass 4100 » Version: 5.4.5

cpe:2.3:h:f5:firepass_4100:5.4.5
F5 » Firepass 4100 » Version: 5.4.6

cpe:2.3:h:f5:firepass_4100:5.4.6
F5 » Firepass 4100 » Version: 5.4.7

cpe:2.3:h:f5:firepass_4100:5.4.7
F5 » Firepass 4100 » Version: 5.4.8

cpe:2.3:h:f5:firepass_4100:5.4.8
F5 » Firepass 4100 » Version: 5.4.9

cpe:2.3:h:f5:firepass_4100:5.4.9
F5 » Firepass 4100 » Version: 5.5.0

cpe:2.3:h:f5:firepass_4100:5.5.0
F5 » Firepass 4100 » Version: 5.5.1

cpe:2.3:h:f5:firepass_4100:5.5.1
F5 » Firepass 4100 » Version: 5.5.2

cpe:2.3:h:f5:firepass_4100:5.5.2
F5 » Firepass 4100 » Version: 6.0

cpe:2.3:h:f5:firepass_4100:6.0
F5 » Firepass 4100 » Version: 6.0.1

cpe:2.3:h:f5:firepass_4100:6.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-6704

Products

Pricing

Contact Us