F5: >> Firepass >> 5.5.2 Security Vulnerabilities
F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a trailing null byte, (2) multiple leading slashes, (3) Unicode encoding, (4) URL-encoded directory traversal or same-directory characters, or (5) upper case letters in the domain name.
CVSS Score
7.5
EPSS Score
0.012
Published
2007-01-12
F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses a single integer (dword) representation of an IP address ("dotless IP address"), which allows remote authenticated users to connect to the FirePass administrator console and certain other network resources.
CVSS Score
6.5
EPSS Score
0.008
Published
2007-01-12