Unauthorized Access Vulnerability in F5 FirePass by F5 Networks
CVE-2007-0188

Currently unrated

Key Information:

Vendor: F5
Status: Firepass
Vendor: CVE Published:; 12 January 2007

Summary

The F5 FirePass 5.4 to 5.5.1 contains a security flaw that fails to properly enforce host access restrictions when a client uses a dotless IP address. This weakness allows authenticated users to bypass normal security measures, potentially gaining access to the FirePass administrator console and other sensitive network resources without adequate permissions. Proper access control measures should be implemented to mitigate this risk.

References

http://www.mnin.org/advisories/2007_firepass.pdf

x_refsource_MISC

https://tech.f5.com/home/solutions/sol6922.html

x_refsource_CONFIRM

http://secunia.com/advisories/23640

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 12, 2007
Vulnerability Reserved
Jan 10, 2007