SQL Injection Flaw in F5 FirePass VPN Software
CVE-2012-1777

Currently unrated

Key Information:

Vendor
F5
Status
Vendor
CVE Published:
5 April 2012

Summary

A SQL injection vulnerability exists in the my.activation.php3 file of the F5 FirePass VPN, affecting versions 6.0.0 to 7.0.0. This flaw allows remote attackers to manipulate SQL queries by sending specially crafted requests. Exploiting this vulnerability could enable attackers to execute arbitrary SQL commands within the database, potentially leading to unauthorized access or data compromise. It is essential for F5 FirePass users to apply the latest patches and follow best security practices to mitigate the risks associated with this SQL injection issue.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.