SQL Injection Flaw in F5 FirePass VPN Software
CVE-2012-1777
Currently unrated
Summary
A SQL injection vulnerability exists in the my.activation.php3 file of the F5 FirePass VPN, affecting versions 6.0.0 to 7.0.0. This flaw allows remote attackers to manipulate SQL queries by sending specially crafted requests. Exploiting this vulnerability could enable attackers to execute arbitrary SQL commands within the database, potentially leading to unauthorized access or data compromise. It is essential for F5 FirePass users to apply the latest patches and follow best security practices to mitigate the risks associated with this SQL injection issue.
References
Timeline
Vulnerability published
Vulnerability Reserved