Vulnerability CVE-2012-1777

Vulnerability CVE-2012-1777

Published: 2012-04-05

Description:

	Topic	Author	Date
Med.	F5 FirePass SSL VPN 6.x / 7.x SQL Injection	Christoph Schwar...	29.03.2012

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Affected software
F5 -> Firepass

http://packetstormsecurity.org/files/111276/F5-FirePass-SSL-VPN-6.x-7.x-SQL-Injection.html

http://seclists.org/fulldisclosure/2012/Mar/324

http://support.f5.com/kb/en-us/solutions/public/13000/400/sol13463.html

http://www.securitytracker.com/id?1026834

https://exchange.xforce.ibmcloud.com/vulnerabilities/74198

https://exchange.xforce.ibmcloud.com/vulnerabilities/74450

https://www.sec-consult.com/files/20120328-0_F5_FirePass_SSL_VPN_unauthenticated_remote_root_v1.0.txt