Vulnerabilites related to watchguard - fireware
Vulnerability from fkie_nvd
Published
2017-04-22 22:59
Modified
2024-11-21 03:33
Severity ?
Summary
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this vulnerability to enumerate valid usernames on an affected Firebox.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "340A6304-A2C7-4FFC-8CA7-FDFB78948EDB",
"versionEndIncluding": "11.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this vulnerability to enumerate valid usernames on an affected Firebox."
},
{
"lang": "es",
"value": "WatchGuard Fireware permite la enumeraci\u00f3n de usuarios, por ejemplo, en el controlador de inicio de sesi\u00f3n Firebox XML-RPC. Una solicitud de inicio de sesi\u00f3n que contiene una contrase\u00f1a en blanco enviada al agente XML-RPC en Fireware v11.12.1 y versiones anteriores devuelve respuestas diferentes para nombres de usuario v\u00e1lidos e inv\u00e1lidos. Un atacante podr\u00eda explotar esta vulnerabilidad para enumerar nombres de usuario v\u00e1lidos en un Firebox afectado."
}
],
"id": "CVE-2017-8055",
"lastModified": "2024-11-21T03:33:13.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-22T22:59:00.217",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlGSAU"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlGSAU"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-19 10:36
Modified
2024-11-21 01:57
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | 11.6 | |
| watchguard | fireware | 11.6.1 | |
| watchguard | fireware | 11.6.3 | |
| watchguard | fireware | 11.6.5 | |
| watchguard | fireware | 11.6.6 | |
| watchguard | fireware | 11.7 | |
| watchguard | fireware | 11.7.2 | |
| watchguard | fireware | 11.7.3 | |
| watchguard | watchguard_system_manager | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "483E6F00-4E34-4C92-99A9-827C378DD49B",
"versionEndIncluding": "11.7.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE69206-3250-491D-96DE-464D7ECD8C89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "278F550E-F595-496B-80DC-62BF67378E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F14FDC93-9DB2-4673-88EE-4BA3748D2C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8694387F-BCB1-4699-8A9B-4CB2974D5834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1B8F8C-04BA-4DE2-A59C-559C1B596E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "70BC26F4-53B5-48C9-A725-C2614ABAEE7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "67DC54BF-0714-4070-A9BC-4BB65EA9B7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF243AF-4B53-4209-B262-282139B485E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:watchguard:watchguard_system_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7661CE09-C029-4ACF-9E18-7C4F9191CE35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades corss-site scripting (XSS) en WebCenter de Watchguard WSM y Fireware anterior a 11.8, permite a atancates remotos, inyectar script web o HTML de forma arbitraria a traves de vectores no especificados."
}
],
"id": "CVE-2013-5702",
"lastModified": "2024-11-21T01:57:58.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-10-19T10:36:08.353",
"references": [
{
"source": "cve@mitre.org",
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-20 20:29
Modified
2024-11-21 03:13
Severity ?
Summary
An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be rendered in the context of any logged in user in the Web UI visiting "Traffic Monitor" sections "Events" and "All." As a side effect, no further events will be visible in the Traffic Monitor until the device is restarted.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/bugtraq/2017/Sep/22 | Exploit, Mailing List, Third Party Advisory | |
| cve@mitre.org | https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000L0HSAU&lang=en_US | Vendor Advisory | |
| cve@mitre.org | https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/bugtraq/2017/Sep/22 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000L0HSAU&lang=en_US | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6786D7-D193-4D19-9536-02F1F813EFEA",
"versionEndIncluding": "11.12.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be rendered in the context of any logged in user in the Web UI visiting \"Traffic Monitor\" sections \"Events\" and \"All.\" As a side effect, no further events will be visible in the Traffic Monitor until the device is restarted."
},
{
"lang": "es",
"value": "Se ha descubierto un problema FBX-5313 en WatchGuard Fireware en versiones anteriores a la 12.0. Cuando se realiza un intento fallido de inicio de sesi\u00f3n en el punto de conexi\u00f3n de inicio de sesi\u00f3n de la interfaz XML-RPC, si el c\u00f3digo JavaScript, codificado para ser consumido por los analizadores sint\u00e1cticos XML, se embebe como valor del elemento usuario, el c\u00f3digo ser\u00e1 procesado en el contexto de cualquier usuario que haya iniciado sesi\u00f3n en la interfaz web y que visite las secciones de \"Events\" y \"All\" de\"Traffic Monitor\". Como efecto secundario, no podr\u00e1n visualizarse m\u00e1s eventos en el monitor de tr\u00e1fico hasta que se reinicie el dispositivo."
}
],
"id": "CVE-2017-14615",
"lastModified": "2024-11-21T03:13:12.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-20T20:29:00.230",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2017/Sep/22"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000L0HSAU\u0026lang=en_US"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2017/Sep/22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000L0HSAU\u0026lang=en_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-07-09 03:15
Modified
2025-01-13 18:15
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.
This issue affects Fireware OS: from 11.9.6 through 12.10.3.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "625777A6-D12E-4BBC-BBF0-F7ABE40CC8F5",
"versionEndExcluding": "12.5.12",
"versionStartIncluding": "11.9.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7349E570-8D36-4B19-9DBD-E352BB458F23",
"versionEndExcluding": "12.10.4",
"versionStartIncluding": "12.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.12:u1:*:*:*:*:*:*",
"matchCriteriaId": "2B644B61-D7D7-4658-96FC-3AB7D394CBA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:firebox_m200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "947408A7-EC5A-43A0-A2F0-C51055F29BF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E472917E-D6E1-4C2D-B37D-E76FCC7307CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8C7779-4466-4A9E-B191-929E7746DFF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7867C903-6DB6-4E58-AD44-07BBB9C45E72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE9A123-B769-4E56-845E-DC3DA6166C78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "180FAE8C-2E73-4C09-AA11-0C82A7715FA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD5BB5D-12FC-4D49-A2FA-8886077457B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "309DBEF2-1D92-4641-827F-D99758B5FFA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFBA966-E052-4350-9544-3B5D484DBB6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1E586D-0E88-447A-95E8-5203EF869ADB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08422D7D-CA99-4303-B783-30F8CDCAC34C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59389EA2-3067-4AF8-AEC5-FE79E269C170",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "445FA7CD-D0AE-4176-9AE5-293B918DE654",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B4A7366-0304-431E-B3E4-719BA575CEAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8512B4A-5269-4067-B9C6-475A4E8AD313",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*",
"matchCriteriaId": "179C6166-87E1-44F8-B727-CDDE40C673D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D97A123-654D-40B0-A18B-FE4801BF4506",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t10-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "983AE311-F2BD-4260-839E-2D906B6E095A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t10-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28634F62-70D4-49F6-860F-8FE1B85707F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "626220F8-7F0C-4DD8-8001-12EA0A777A0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t15-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "083919C1-A383-430A-B56C-13C6128266F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9295217E-C1A0-4A69-A0F0-C44814BB376C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t20-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4832E5E-E4ED-4222-B9A5-060FA6AA22DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E10A9DF-DD32-4E42-838D-E398B3451FBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t30-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D260C9-BB0C-4546-9E56-0283B9332AC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E561A57F-91A5-4B3C-9F7D-62E9AB5163A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t35-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B691D60-C12E-49DA-9917-4513E4A57B55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t35-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F374AC3-0292-428B-AA39-F60980874160",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC853916-8BDC-4F7C-BA53-D6AB490A9444",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t40-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4267A4B5-4F48-4104-85E8-3F6B09FD2354",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D15B548-CB7C-44B6-A568-7F87652561D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t50-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07EB3F3A-E508-42EF-9D11-9BC77C35EA60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3562304-0317-4A3C-B622-D5CE01CC97F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t55-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "755CD8FA-C341-4C34-8005-A42C32BD85CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "327BA50A-366A-4367-93B8-328EC0136FA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm1520-rp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7C021D-0C50-47A8-B8D6-27BE0FBD025C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm1525-rp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF67525-E49F-4B2C-823B-8447E8450F27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm2520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED8D9112-1504-4341-B2F9-9967B5D02790",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95BC88C9-324F-4803-97E4-91773827F4C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AADF6164-8A53-4023-B326-C3CA1A4DE0A8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42A6A10F-C0C1-415F-943D-9CFADC35CF73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm870-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF5490C-5BBD-476C-916E-26C5426A6069",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "158560A0-D694-41AF-A5F8-0F6FB3EFB8FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:fireboxt_nv5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA8CE73-14FB-443C-8085-388C61706A90",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:fireboxt_t25:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55490F9D-F216-4A2C-B28D-6DE01CFD5DB7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:fireboxt_t45:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26488C22-70A1-434B-9FC2-7C0EB4E2696F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:fireboxt_t85:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5EDF2C3-FDF2-4D97-A056-462AE61DBF8A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ECAE1D7-9868-4730-B645-44CB1B6FDE96",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:xtmv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72807176-5A59-4BFD-B6C0-2738D9FD3AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.\nThis issue affects Fireware OS: from 11.9.6 through 12.10.3."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer en WatchGuard Fireware OS podr\u00eda permitir que un atacante remoto autenticado con acceso de administraci\u00f3n privilegiado ejecute c\u00f3digo arbitrario con privilegios del sistema en el firewall. Este problema afecta al sistema operativo Fireware: desde 11.9.6 hasta 12.10.3."
}
],
"id": "CVE-2024-5974",
"lastModified": "2025-01-13T18:15:19.697",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-09T03:15:02.507",
"references": [
{
"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011"
}
],
"sourceIdentifier": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 18:15
Modified
2024-11-21 07:05
Severity ?
Summary
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.ambionics.io/blog/hacking-watchguard-firewalls | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2022/08/30/2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ambionics.io/blog/hacking-watchguard-firewalls | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2022/08/30/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.6.1 | |
| watchguard | fireware | 12.6.1 | |
| watchguard | fireware | 12.6.3 | |
| watchguard | fireware | 12.6.4 | |
| watchguard | fireware | 12.7.0 | |
| watchguard | fireware | 12.7.1 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E35898-20FC-4D3E-B059-EDFEEB2E19F3",
"versionEndExcluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5359B-EC12-4C13-B9CC-EE1B49DB67AE",
"versionEndExcluding": "12.5.10",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.1:u1:*:*:*:*:*:*",
"matchCriteriaId": "2EDC1E95-9077-423E-90F4-928068CA6D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.1:u3:*:*:*:*:*:*",
"matchCriteriaId": "C557A092-41F2-4325-884C-B4C03E196A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "41CE5E56-7E6E-48ED-A619-06BE1DAAABD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "299FC710-1AA1-4D3F-B902-231114B75B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "45C56536-625E-4E5A-B77A-CF33CEEBC91D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "002B43DA-5A94-495D-8736-2FC5997155F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u2:*:*:*:*:*:*",
"matchCriteriaId": "4B189948-8037-4CB1-A859-0CCB5D9576F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.8.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "350B4BC0-B366-468B-93BF-366CA72EE5EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
},
{
"lang": "es",
"value": "Los dispositivos WatchGuard Firebox y XTM permiten a un atacante remoto no autenticado recuperar configuraciones confidenciales del servidor de autenticaci\u00f3n mediante el env\u00edo de una petici\u00f3n maliciosa a los endpoints de autenticaci\u00f3n expuestos. Esto ha sido corregido en Fireware OS versiones 12.8.1, 12.5.10 y 12.1.4.\n"
}
],
"id": "CVE-2022-31790",
"lastModified": "2024-11-21T07:05:19.793",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T18:15:15.440",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.ambionics.io/blog/hacking-watchguard-firewalls"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/08/30/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.ambionics.io/blog/hacking-watchguard-firewalls"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/08/30/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2024-11-21 06:51
Severity ?
Summary
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4",
"versionEndExcluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9EB306-8BF2-4904-ACA5-5938844CB0A9",
"versionEndExcluding": "12.5.9",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D684DF8B-6F0B-4189-B7B5-79A09ABCE0F0",
"versionEndExcluding": "12.7.2",
"versionStartIncluding": "12.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0F3E6444-AA30-4F87-AB97-12601CEDF14E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*",
"matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*",
"matchCriteriaId": "AE1BB0F7-72F1-4601-A1E2-161FCA8819B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*",
"matchCriteriaId": "583E164A-E308-4666-84AF-E0ADC16427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*",
"matchCriteriaId": "B310FA82-61C6-4D40-A263-789223301513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*",
"matchCriteriaId": "49901BE7-00EA-4180-BC45-CBBFEC295A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*",
"matchCriteriaId": "5E842BF2-3C47-4C9B-8BA1-B448A2835E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:-:*:*:*:*:*:*",
"matchCriteriaId": "C9586510-0B33-45C9-8550-206791E3C0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*",
"matchCriteriaId": "3B345B31-2DC2-49C5-8AC1-A4B12A5B679B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "CA32519C-7B8B-4270-BBAD-7CAFAD28AA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u1:*:*:*:*:*:*",
"matchCriteriaId": "CF8ECE0C-9997-42EB-A983-B930EA4D10E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer basado en la pila systemd en los dispositivos WatchGuard Firebox y XTM permite a un atacante remoto autenticado ejecutar potencialmente c\u00f3digo arbitrario al iniciar una actualizaci\u00f3n de firmware con una imagen de actualizaci\u00f3n maliciosa. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, versiones 12.x anteriores a 12.1.3_U8 y versiones 12.2.x hasta 12.5.x anteriores a 12.5.9_U2"
}
],
"id": "CVE-2022-25293",
"lastModified": "2024-11-21T06:51:56.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-24T15:15:31.100",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-19 10:36
Modified
2024-11-21 01:58
Severity ?
Summary
Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | 11.0.2 | |
| watchguard | fireware | 11.1 | |
| watchguard | fireware | 11.2.3 | |
| watchguard | fireware | 11.3 | |
| watchguard | fireware | 11.3.6 | |
| watchguard | fireware | 11.4 | |
| watchguard | fireware | 11.4.2 | |
| watchguard | fireware | 11.5.1 | |
| watchguard | fireware | 11.5.3 | |
| watchguard | fireware | 11.6.6 | |
| watchguard | fireware | 11.7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "483E6F00-4E34-4C92-99A9-827C378DD49B",
"versionEndIncluding": "11.7.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6B3878-39D2-4BC0-B5A0-0DF5BAF8D5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9CA056-EDEE-4036-8F07-68020E7B33DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A794EBD1-222F-44F8-BE8B-5227CEE1C037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "70C80D67-B0A6-417D-8DC0-E465B453C49B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F752FF0B-39B4-4CF0-8C68-69A8C5D1C510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0365E8B-7A54-4773-90C4-F6D6518EBBA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "372E22FB-2CFE-423F-8B6C-4516F44CAE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0710A14-DBA5-4FBA-B1F2-FE2505160A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB4372D-7CA3-414C-B56F-7D3731B0AF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1B8F8C-04BA-4DE2-A59C-559C1B596E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "67DC54BF-0714-4070-A9BC-4BB65EA9B7BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en WGagent de WatchGuard WSM y Fireware anterior a la versi\u00f3n 11.8 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un valor largo de sessionid en una cookie."
}
],
"id": "CVE-2013-6021",
"lastModified": "2024-11-21T01:58:38.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-19T10:36:08.573",
"references": [
{
"source": "cret@cert.org",
"url": "http://osvdb.org/98752"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/29273"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/233990"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/63227"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "https://funoverip.net/2013/10/watchguard-cve-2013-6021-stack-based-buffer-overflow-exploit/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/98752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/29273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/233990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/63227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://funoverip.net/2013/10/watchguard-cve-2013-6021-stack-based-buffer-overflow-exploit/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2024-11-21 06:52
Severity ?
Summary
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4",
"versionEndExcluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9EB306-8BF2-4904-ACA5-5938844CB0A9",
"versionEndExcluding": "12.5.9",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D684DF8B-6F0B-4189-B7B5-79A09ABCE0F0",
"versionEndExcluding": "12.7.2",
"versionStartIncluding": "12.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0F3E6444-AA30-4F87-AB97-12601CEDF14E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*",
"matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*",
"matchCriteriaId": "AE1BB0F7-72F1-4601-A1E2-161FCA8819B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*",
"matchCriteriaId": "583E164A-E308-4666-84AF-E0ADC16427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*",
"matchCriteriaId": "B310FA82-61C6-4D40-A263-789223301513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*",
"matchCriteriaId": "49901BE7-00EA-4180-BC45-CBBFEC295A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*",
"matchCriteriaId": "5E842BF2-3C47-4C9B-8BA1-B448A2835E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:-:*:*:*:*:*:*",
"matchCriteriaId": "C9586510-0B33-45C9-8550-206791E3C0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*",
"matchCriteriaId": "3B345B31-2DC2-49C5-8AC1-A4B12A5B679B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "CA32519C-7B8B-4270-BBAD-7CAFAD28AA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u1:*:*:*:*:*:*",
"matchCriteriaId": "CF8ECE0C-9997-42EB-A983-B930EA4D10E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
},
{
"lang": "es",
"value": "Los dispositivos WatchGuard Firebox y XTM permiten a un atacante remoto autenticado con credenciales no privilegiadas modificar las credenciales privilegiadas de los usuarios de administraci\u00f3n. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, versiones 12.x anteriores a 12.1.3_U8 y versiones 12.2.x hasta 12.5.x anteriores a 12.5.9_U2"
}
],
"id": "CVE-2022-25363",
"lastModified": "2024-11-21T06:52:04.803",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-24T15:15:31.577",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.6.1 | |
| watchguard | fireware | 12.6.1 | |
| watchguard | fireware | 12.6.3 | |
| watchguard | fireware | 12.6.4 | |
| watchguard | fireware | 12.7.0 | |
| watchguard | fireware | 12.7.1 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E35898-20FC-4D3E-B059-EDFEEB2E19F3",
"versionEndExcluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5359B-EC12-4C13-B9CC-EE1B49DB67AE",
"versionEndExcluding": "12.5.10",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.1:u1:*:*:*:*:*:*",
"matchCriteriaId": "2EDC1E95-9077-423E-90F4-928068CA6D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.1:u3:*:*:*:*:*:*",
"matchCriteriaId": "C557A092-41F2-4325-884C-B4C03E196A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "41CE5E56-7E6E-48ED-A619-06BE1DAAABD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "299FC710-1AA1-4D3F-B902-231114B75B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "45C56536-625E-4E5A-B77A-CF33CEEBC91D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "002B43DA-5A94-495D-8736-2FC5997155F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u2:*:*:*:*:*:*",
"matchCriteriaId": "4B189948-8037-4CB1-A859-0CCB5D9576F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.8.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "350B4BC0-B366-468B-93BF-366CA72EE5EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
},
{
"lang": "es",
"value": "Un desbordamiento de enteros en los dispositivos WatchGuard Firebox y XTM permite a un atacante remoto no autenticado desencadenar un desbordamiento de b\u00fafer y potencialmente ejecutar c\u00f3digo arbitrario enviando una petici\u00f3n maliciosa a los puertos de administraci\u00f3n expuestos. Esto ha sido corregido en Fireware OS versiones 12.8.1, 12.5.10 y 12.1.4.\n"
}
],
"id": "CVE-2022-31789",
"lastModified": "2024-11-21T07:05:19.640",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T19:15:08.363",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2024-11-21 06:52
Severity ?
Summary
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4",
"versionEndExcluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9EB306-8BF2-4904-ACA5-5938844CB0A9",
"versionEndExcluding": "12.5.9",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D684DF8B-6F0B-4189-B7B5-79A09ABCE0F0",
"versionEndExcluding": "12.7.2",
"versionStartIncluding": "12.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0F3E6444-AA30-4F87-AB97-12601CEDF14E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*",
"matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*",
"matchCriteriaId": "AE1BB0F7-72F1-4601-A1E2-161FCA8819B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*",
"matchCriteriaId": "583E164A-E308-4666-84AF-E0ADC16427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*",
"matchCriteriaId": "B310FA82-61C6-4D40-A263-789223301513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*",
"matchCriteriaId": "49901BE7-00EA-4180-BC45-CBBFEC295A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*",
"matchCriteriaId": "5E842BF2-3C47-4C9B-8BA1-B448A2835E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:-:*:*:*:*:*:*",
"matchCriteriaId": "C9586510-0B33-45C9-8550-206791E3C0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*",
"matchCriteriaId": "3B345B31-2DC2-49C5-8AC1-A4B12A5B679B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "CA32519C-7B8B-4270-BBAD-7CAFAD28AA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u1:*:*:*:*:*:*",
"matchCriteriaId": "CF8ECE0C-9997-42EB-A983-B930EA4D10E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
},
{
"lang": "es",
"value": "Los dispositivos WatchGuard Firebox y XTM permiten a un atacante remoto autenticado con credenciales no privilegiado subir archivos a ubicaciones arbitrarias. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, versiones 12.x anteriores a 12.1.3_U8 y versiones 12.2.x hasta 12.5.x anteriores a 12.5.9_U2"
}
],
"id": "CVE-2022-25360",
"lastModified": "2024-11-21T06:52:04.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-24T15:15:31.533",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2024-11-21 06:51
Severity ?
Summary
An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4",
"versionEndExcluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9EB306-8BF2-4904-ACA5-5938844CB0A9",
"versionEndExcluding": "12.5.9",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D684DF8B-6F0B-4189-B7B5-79A09ABCE0F0",
"versionEndExcluding": "12.7.2",
"versionStartIncluding": "12.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0F3E6444-AA30-4F87-AB97-12601CEDF14E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*",
"matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*",
"matchCriteriaId": "AE1BB0F7-72F1-4601-A1E2-161FCA8819B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*",
"matchCriteriaId": "583E164A-E308-4666-84AF-E0ADC16427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*",
"matchCriteriaId": "B310FA82-61C6-4D40-A263-789223301513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*",
"matchCriteriaId": "49901BE7-00EA-4180-BC45-CBBFEC295A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*",
"matchCriteriaId": "5E842BF2-3C47-4C9B-8BA1-B448A2835E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:-:*:*:*:*:*:*",
"matchCriteriaId": "C9586510-0B33-45C9-8550-206791E3C0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*",
"matchCriteriaId": "3B345B31-2DC2-49C5-8AC1-A4B12A5B679B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "CA32519C-7B8B-4270-BBAD-7CAFAD28AA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u1:*:*:*:*:*:*",
"matchCriteriaId": "CF8ECE0C-9997-42EB-A983-B930EA4D10E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
},
{
"lang": "es",
"value": "Un desbordamiento de enteros en los dispositivos WatchGuard Firebox y XTM permite a un atacante remoto autenticado desencadenar un desbordamiento de b\u00fafer basado en la pila y potencialmente ejecutar c\u00f3digo arbitrario al iniciar una actualizaci\u00f3n de firmware con una imagen de actualizaci\u00f3n maliciosa. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, versiones 12.x anteriores a 12.1.3_U8, y versiones 12.2.x hasta 12.5.x anteriores a 12.5.9_U2"
}
],
"id": "CVE-2022-25291",
"lastModified": "2024-11-21T06:51:56.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-24T15:15:31.017",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2025-01-29 21:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.5.7 | |
| watchguard | fireware | 12.5.7 | |
| watchguard | fireware | 12.5.7 | |
| watchguard | fireware | 12.7.2 |
{
"cisaActionDue": "2022-05-02",
"cisaExploitAdd": "2022-04-11",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "WatchGuard Firebox and XTM Privilege Escalation Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4",
"versionEndExcluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F1E4F7-F27A-4155-AE19-BFD52439E730",
"versionEndExcluding": "12.5.7",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0F3E6444-AA30-4F87-AB97-12601CEDF14E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*",
"matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.7:-:*:*:*:*:*:*",
"matchCriteriaId": "C41626A1-91D4-4C45-9399-EB45DBD62492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.7:u1:*:*:*:*:*:*",
"matchCriteriaId": "9C03747F-6726-4D2A-A888-25B592549ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.7:u2:*:*:*:*:*:*",
"matchCriteriaId": "E7170909-0964-4229-8DD6-304CEBFEEA32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "CA32519C-7B8B-4270-BBAD-7CAFAD28AA5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3."
},
{
"lang": "es",
"value": "Los dispositivos WatchGuard Firebox y XTM permiten que un atacante remoto con credenciales no privilegiadas acceda al sistema con una sesi\u00f3n de gesti\u00f3n privilegiada a trav\u00e9s del acceso de gesti\u00f3n expuesto. Esta vulnerabilidad afecta al sistema operativo Fireware antes de la versi\u00f3n 12.7.2_U1, 12.x antes de la versi\u00f3n 12.1.3_U3, y 12.2.x hasta 12.5.x antes de la versi\u00f3n 12.5.7_U3"
}
],
"id": "CVE-2022-23176",
"lastModified": "2025-01-29T21:15:13.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-02-24T15:15:28.447",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://securityportal.watchguard.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://securityportal.watchguard.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-07 14:15
Modified
2024-11-21 06:52
Severity ?
Summary
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://watchguard.com | Vendor Advisory | |
| cve@mitre.org | https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://watchguard.com | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4",
"versionEndExcluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9EB306-8BF2-4904-ACA5-5938844CB0A9",
"versionEndExcluding": "12.5.9",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0F3E6444-AA30-4F87-AB97-12601CEDF14E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*",
"matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*",
"matchCriteriaId": "AE1BB0F7-72F1-4601-A1E2-161FCA8819B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*",
"matchCriteriaId": "583E164A-E308-4666-84AF-E0ADC16427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*",
"matchCriteriaId": "B310FA82-61C6-4D40-A263-789223301513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*",
"matchCriteriaId": "49901BE7-00EA-4180-BC45-CBBFEC295A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*",
"matchCriteriaId": "5E842BF2-3C47-4C9B-8BA1-B448A2835E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:-:*:*:*:*:*:*",
"matchCriteriaId": "C9586510-0B33-45C9-8550-206791E3C0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*",
"matchCriteriaId": "3B345B31-2DC2-49C5-8AC1-A4B12A5B679B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "CA32519C-7B8B-4270-BBAD-7CAFAD28AA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u1:*:*:*:*:*:*",
"matchCriteriaId": "CF8ECE0C-9997-42EB-A983-B930EA4D10E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:firebox_m200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "947408A7-EC5A-43A0-A2F0-C51055F29BF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E472917E-D6E1-4C2D-B37D-E76FCC7307CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8C7779-4466-4A9E-B191-929E7746DFF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7867C903-6DB6-4E58-AD44-07BBB9C45E72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE9A123-B769-4E56-845E-DC3DA6166C78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "180FAE8C-2E73-4C09-AA11-0C82A7715FA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD5BB5D-12FC-4D49-A2FA-8886077457B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "309DBEF2-1D92-4641-827F-D99758B5FFA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFBA966-E052-4350-9544-3B5D484DBB6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1E586D-0E88-447A-95E8-5203EF869ADB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08422D7D-CA99-4303-B783-30F8CDCAC34C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59389EA2-3067-4AF8-AEC5-FE79E269C170",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "445FA7CD-D0AE-4176-9AE5-293B918DE654",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B4A7366-0304-431E-B3E4-719BA575CEAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8512B4A-5269-4067-B9C6-475A4E8AD313",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*",
"matchCriteriaId": "179C6166-87E1-44F8-B727-CDDE40C673D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D97A123-654D-40B0-A18B-FE4801BF4506",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t10-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "983AE311-F2BD-4260-839E-2D906B6E095A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t10-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28634F62-70D4-49F6-860F-8FE1B85707F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "626220F8-7F0C-4DD8-8001-12EA0A777A0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t15-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "083919C1-A383-430A-B56C-13C6128266F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9295217E-C1A0-4A69-A0F0-C44814BB376C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t20-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4832E5E-E4ED-4222-B9A5-060FA6AA22DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E10A9DF-DD32-4E42-838D-E398B3451FBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t30-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D260C9-BB0C-4546-9E56-0283B9332AC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E561A57F-91A5-4B3C-9F7D-62E9AB5163A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t35-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B691D60-C12E-49DA-9917-4513E4A57B55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t35-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F374AC3-0292-428B-AA39-F60980874160",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC853916-8BDC-4F7C-BA53-D6AB490A9444",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t40-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4267A4B5-4F48-4104-85E8-3F6B09FD2354",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D15B548-CB7C-44B6-A568-7F87652561D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t50-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07EB3F3A-E508-42EF-9D11-9BC77C35EA60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3562304-0317-4A3C-B622-D5CE01CC97F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t55-w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "755CD8FA-C341-4C34-8005-A42C32BD85CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "327BA50A-366A-4367-93B8-328EC0136FA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm1520-rp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7C021D-0C50-47A8-B8D6-27BE0FBD025C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm1525-rp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF67525-E49F-4B2C-823B-8447E8450F27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm2520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED8D9112-1504-4341-B2F9-9967B5D02790",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95BC88C9-324F-4803-97E4-91773827F4C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AADF6164-8A53-4023-B326-C3CA1A4DE0A8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42A6A10F-C0C1-415F-943D-9CFADC35CF73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:firebox_xtm870-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF5490C-5BBD-476C-916E-26C5426A6069",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "158560A0-D694-41AF-A5F8-0F6FB3EFB8FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ECAE1D7-9868-4730-B645-44CB1B6FDE96",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:watchguard:xtmv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72807176-5A59-4BFD-B6C0-2738D9FD3AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
},
{
"lang": "es",
"value": "Los dispositivos WatchGuard Firebox y XTM permiten a un atacante remoto no autenticado eliminar archivos arbitrarios de un conjunto limitado de directorios en el sistema. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, 12.x versiones anteriores a 12.1.3_U8, y 12.2.x hasta 12.5.x anteriores a 12.5.9_U2"
}
],
"id": "CVE-2022-25361",
"lastModified": "2024-11-21T06:52:04.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-07T14:15:09.393",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://watchguard.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://watchguard.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.6.1 | |
| watchguard | fireware | 12.6.1 | |
| watchguard | fireware | 12.6.3 | |
| watchguard | fireware | 12.6.4 | |
| watchguard | fireware | 12.7.0 | |
| watchguard | fireware | 12.7.1 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E35898-20FC-4D3E-B059-EDFEEB2E19F3",
"versionEndExcluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5359B-EC12-4C13-B9CC-EE1B49DB67AE",
"versionEndExcluding": "12.5.10",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.1:u1:*:*:*:*:*:*",
"matchCriteriaId": "2EDC1E95-9077-423E-90F4-928068CA6D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.1:u3:*:*:*:*:*:*",
"matchCriteriaId": "C557A092-41F2-4325-884C-B4C03E196A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "41CE5E56-7E6E-48ED-A619-06BE1DAAABD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "299FC710-1AA1-4D3F-B902-231114B75B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "45C56536-625E-4E5A-B77A-CF33CEEBC91D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "002B43DA-5A94-495D-8736-2FC5997155F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u2:*:*:*:*:*:*",
"matchCriteriaId": "4B189948-8037-4CB1-A859-0CCB5D9576F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.8.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "350B4BC0-B366-468B-93BF-366CA72EE5EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en la interfaz web de administraci\u00f3n de los dispositivos WatchGuard Firebox y XTM. Un atacante remoto puede potencialmente ejecutar c\u00f3digo JavaScript arbitrario en la interfaz web de administraci\u00f3n mediante el env\u00edo de peticiones dise\u00f1adas a los puertos de administraci\u00f3n expuestos. Esto ha sido corregido en Fireware OS versiones 12.8.1, 12.5.10 y 12.1.4.\n"
}
],
"id": "CVE-2022-31792",
"lastModified": "2024-11-21T07:05:20.157",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T19:15:08.440",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-22 22:59
Modified
2024-11-21 03:33
Severity ?
Summary
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authenticated sessions until the process has recovered. The Firebox may also experience an overall degradation in performance while the wgagent process recovers. An attacker could continuously send XML-RPC requests that contain references to external entities to perform a limited Denial of Service (DoS) attack against an affected Firebox.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "340A6304-A2C7-4FFC-8CA7-FDFB78948EDB",
"versionEndIncluding": "11.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authenticated sessions until the process has recovered. The Firebox may also experience an overall degradation in performance while the wgagent process recovers. An attacker could continuously send XML-RPC requests that contain references to external entities to perform a limited Denial of Service (DoS) attack against an affected Firebox."
},
{
"lang": "es",
"value": "WatchGuard Fireware v11.12.1 y solicitudes anteriores de manipulaci\u00f3n incorrecta que se refieren a XXE, en el agente XML-RPC. Esto hace que el proceso wgagent de Firebox se bloquee. Este bloqueo de proceso termina todas las sesiones autenticadas en el Firebox, incluidas las conexiones de administraci\u00f3n, e impide que se realicen nuevas sesiones autenticadas hasta que el proceso se haya recuperado. El Firebox tambi\u00e9n puede experimentar una degradaci\u00f3n general en el rendimiento mientras se recupera el proceso wgagent. Un atacante podr\u00eda enviar continuamente solicitudes XML-RPC que contengan referencias a entidades externas para realizar un ataque de Negaci\u00f3n de Servicio (DoS) limitado contra un Firebox afectado."
}
],
"id": "CVE-2017-8056",
"lastModified": "2024-11-21T03:33:14.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-22T22:59:00.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlBSAU"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlBSAU"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.6.1 | |
| watchguard | fireware | 12.6.1 | |
| watchguard | fireware | 12.6.3 | |
| watchguard | fireware | 12.6.4 | |
| watchguard | fireware | 12.7.0 | |
| watchguard | fireware | 12.7.1 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E35898-20FC-4D3E-B059-EDFEEB2E19F3",
"versionEndExcluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5359B-EC12-4C13-B9CC-EE1B49DB67AE",
"versionEndExcluding": "12.5.10",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.1:u1:*:*:*:*:*:*",
"matchCriteriaId": "2EDC1E95-9077-423E-90F4-928068CA6D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.1:u3:*:*:*:*:*:*",
"matchCriteriaId": "C557A092-41F2-4325-884C-B4C03E196A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "41CE5E56-7E6E-48ED-A619-06BE1DAAABD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "299FC710-1AA1-4D3F-B902-231114B75B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "45C56536-625E-4E5A-B77A-CF33CEEBC91D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "002B43DA-5A94-495D-8736-2FC5997155F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u2:*:*:*:*:*:*",
"matchCriteriaId": "4B189948-8037-4CB1-A859-0CCB5D9576F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.8.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "350B4BC0-B366-468B-93BF-366CA72EE5EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
},
{
"lang": "es",
"value": "Los dispositivos WatchGuard Firebox y XTM permiten a un atacante local (que ya ha obtenido acceso al shell) elevar sus privilegios y ejecutar c\u00f3digo con permisos de root. Esto ha sido corregido en Fireware OS versiones 12.8.1, 12.5.10 y 12.1.4."
}
],
"id": "CVE-2022-31791",
"lastModified": "2024-11-21T07:05:19.987",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T19:15:08.403",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-23 22:15
Modified
2024-11-21 02:55
Severity ?
Summary
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC664055-3922-4FA9-83A3-9BB97936534C",
"versionEndIncluding": "11.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect)."
},
{
"lang": "es",
"value": "El applet de autenticaci\u00f3n en el sistema operativo Watchguard Fireware 11.11 ha reflejado XSS (esto tambi\u00e9n puede causar una redirecci\u00f3n abierta)."
}
],
"id": "CVE-2016-6154",
"lastModified": "2024-11-21T02:55:33.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-23T22:15:11.300",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.sec-1.com/blog/2016/sec-1-advisory-reflected-cross-site-scripting-open-redirect-watchguard-fireware-v11-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.sec-1.com/blog/2016/sec-1-advisory-reflected-cross-site-scripting-open-redirect-watchguard-fireware-v11-11"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-20 20:29
Modified
2024-11-21 03:13
Severity ?
Summary
An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/540427 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/540427 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6786D7-D193-4D19-9536-02F1F813EFEA",
"versionEndIncluding": "11.12.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible."
},
{
"lang": "es",
"value": "Se ha descubierto un problema FBX-5312 en WatchGuard Fireware en versiones anteriores a la 12.0. Si se intenta iniciar sesi\u00f3n en la interfaz XML-RPC con un mensaje XML que contiene un elemento de miembro vac\u00edo, se produce el cierre inesperado de wgagent, cerrando la sesi\u00f3n de cualquier usuario con sesi\u00f3n iniciada en la interfaz de usuario. Si se ejecuta continuamente el intento fallido de inicio de sesi\u00f3n, la gesti\u00f3n de la interfaz de usuario del dispositivo se volver\u00e1 imposible."
}
],
"id": "CVE-2017-14616",
"lastModified": "2024-11-21T03:13:12.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-20T20:29:00.260",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540427"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2024-11-21 06:51
Severity ?
Summary
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4",
"versionEndExcluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9EB306-8BF2-4904-ACA5-5938844CB0A9",
"versionEndExcluding": "12.5.9",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D684DF8B-6F0B-4189-B7B5-79A09ABCE0F0",
"versionEndExcluding": "12.7.2",
"versionStartIncluding": "12.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0F3E6444-AA30-4F87-AB97-12601CEDF14E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*",
"matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*",
"matchCriteriaId": "AE1BB0F7-72F1-4601-A1E2-161FCA8819B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*",
"matchCriteriaId": "583E164A-E308-4666-84AF-E0ADC16427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*",
"matchCriteriaId": "B310FA82-61C6-4D40-A263-789223301513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*",
"matchCriteriaId": "49901BE7-00EA-4180-BC45-CBBFEC295A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*",
"matchCriteriaId": "5E842BF2-3C47-4C9B-8BA1-B448A2835E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:-:*:*:*:*:*:*",
"matchCriteriaId": "C9586510-0B33-45C9-8550-206791E3C0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*",
"matchCriteriaId": "3B345B31-2DC2-49C5-8AC1-A4B12A5B679B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "CA32519C-7B8B-4270-BBAD-7CAFAD28AA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u1:*:*:*:*:*:*",
"matchCriteriaId": "CF8ECE0C-9997-42EB-A983-B930EA4D10E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
},
{
"lang": "es",
"value": "Los dispositivos WatchGuard Firebox y XTM permiten a un atacante remoto autenticado con credenciales no privilegiadas recuperar las claves privadas de los certificados. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, versiones 12.x anteriores a 12.1.3_U8, y versiones 12.2.x hasta 12.5.x anteriores a 12.5.9_U2"
}
],
"id": "CVE-2022-25290",
"lastModified": "2024-11-21T06:51:56.097",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-24T15:15:30.977",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2024-11-21 06:51
Severity ?
Summary
A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.7.2 | |
| watchguard | fireware | 12.7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4",
"versionEndExcluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9EB306-8BF2-4904-ACA5-5938844CB0A9",
"versionEndExcluding": "12.5.9",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D684DF8B-6F0B-4189-B7B5-79A09ABCE0F0",
"versionEndExcluding": "12.7.2",
"versionStartIncluding": "12.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0F3E6444-AA30-4F87-AB97-12601CEDF14E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*",
"matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*",
"matchCriteriaId": "AE1BB0F7-72F1-4601-A1E2-161FCA8819B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*",
"matchCriteriaId": "583E164A-E308-4666-84AF-E0ADC16427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*",
"matchCriteriaId": "B310FA82-61C6-4D40-A263-789223301513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*",
"matchCriteriaId": "49901BE7-00EA-4180-BC45-CBBFEC295A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*",
"matchCriteriaId": "5E842BF2-3C47-4C9B-8BA1-B448A2835E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:-:*:*:*:*:*:*",
"matchCriteriaId": "C9586510-0B33-45C9-8550-206791E3C0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*",
"matchCriteriaId": "3B345B31-2DC2-49C5-8AC1-A4B12A5B679B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "CA32519C-7B8B-4270-BBAD-7CAFAD28AA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u1:*:*:*:*:*:*",
"matchCriteriaId": "CF8ECE0C-9997-42EB-A983-B930EA4D10E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer basado en la pila wgagent en los dispositivos WatchGuard Firebox y XTM permite a un atacante remoto autenticado ejecutar potencialmente c\u00f3digo arbitrario al iniciar una actualizaci\u00f3n de firmware con una imagen de actualizaci\u00f3n maliciosa. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, versiones 12.x anteriores a 12.1.3_U8, y versiones 12.2.x hasta 12.5.x anteriores a 12.5.9_U2"
}
],
"id": "CVE-2022-25292",
"lastModified": "2024-11-21T06:51:56.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-24T15:15:31.060",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-16 14:06
Modified
2024-11-21 02:01
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via the pol_name parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | 11.6 | |
| watchguard | fireware | 11.6.1 | |
| watchguard | fireware | 11.6.3 | |
| watchguard | fireware | 11.6.5 | |
| watchguard | fireware | 11.6.6 | |
| watchguard | fireware | 11.7 | |
| watchguard | fireware | 11.7.2 | |
| watchguard | fireware | 11.7.3 | |
| watchguard | fireware | 11.7.4 | |
| watchguard | fireware | 11.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E767E4-A244-435C-921F-702704BF85E1",
"versionEndIncluding": "11.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE69206-3250-491D-96DE-464D7ECD8C89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "278F550E-F595-496B-80DC-62BF67378E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F14FDC93-9DB2-4673-88EE-4BA3748D2C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8694387F-BCB1-4699-8A9B-4CB2974D5834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1B8F8C-04BA-4DE2-A59C-559C1B596E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "70BC26F4-53B5-48C9-A725-C2614ABAEE7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "67DC54BF-0714-4070-A9BC-4BB65EA9B7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF243AF-4B53-4209-B262-282139B485E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4065A79A-C655-4AF4-9F13-42855C339E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6052D128-0801-4F3E-A5B7-4AF82AEEF643",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via the pol_name parameter."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en las p\u00e1ginas de gesti\u00f3n de pol\u00edtica de firewall en WatchGuard Fireware XTM anterior a 11.8.3 permiten a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s del par\u00e1metro pol_name."
}
],
"id": "CVE-2014-0338",
"lastModified": "2024-11-21T02:01:54.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-03-16T14:06:45.117",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/154"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsecuritycenter.com/2014/03/13/fireware-xtm-11-8-3-update-corrects-xss-flaw/"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/807134"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/66210"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id/1029924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://watchguardsecuritycenter.com/2014/03/13/fireware-xtm-11-8-3-update-corrects-xss-flaw/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/807134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/66210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029924"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-04 18:15
Modified
2025-01-29 17:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | * | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.1.3 | |
| watchguard | fireware | 12.5.9 | |
| watchguard | fireware | 12.7.2 |
{
"cisaActionDue": "2022-04-15",
"cisaExploitAdd": "2022-03-25",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "WatchGuard Firebox and XTM Appliances Arbitrary Code Execution",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4",
"versionEndExcluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CFF8DDC-4C8F-400D-A00A-508DB2DD67FC",
"versionEndExcluding": "12.5.9",
"versionStartIncluding": "12.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D684DF8B-6F0B-4189-B7B5-79A09ABCE0F0",
"versionEndExcluding": "12.7.2",
"versionStartIncluding": "12.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6C1CD9-B765-4A46-953F-BCC9A4537DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*",
"matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*",
"matchCriteriaId": "AE1BB0F7-72F1-4601-A1E2-161FCA8819B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*",
"matchCriteriaId": "583E164A-E308-4666-84AF-E0ADC16427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*",
"matchCriteriaId": "B310FA82-61C6-4D40-A263-789223301513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*",
"matchCriteriaId": "49901BE7-00EA-4180-BC45-CBBFEC295A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*",
"matchCriteriaId": "5E842BF2-3C47-4C9B-8BA1-B448A2835E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*",
"matchCriteriaId": "3B345B31-2DC2-49C5-8AC1-A4B12A5B679B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:u1:*:*:*:*:*:*",
"matchCriteriaId": "CF8ECE0C-9997-42EB-A983-B930EA4D10E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
},
{
"lang": "es",
"value": "En los dispositivos WatchGuard Firebox y XTM, un usuario no autenticado puede ejecutar c\u00f3digo arbitrario, tambi\u00e9n conocido como FBX-22786. Esta vulnerabilidad afecta a Fireware OS antes de 12.7.2_U2, 12.x antes de 12.1.3_U8, y 12.2.x hasta 12.5.x antes de 12.5.9_U2"
}
],
"id": "CVE-2022-26318",
"lastModified": "2025-01-29T17:15:18.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-03-04T18:15:08.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2016-6154
Vulnerability from cvelistv5
Published
2019-08-23 21:06
Modified
2024-08-06 01:22
Severity ?
EPSS score ?
Summary
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-1.com/blog/2016/sec-1-advisory-reflected-cross-site-scripting-open-redirect-watchguard-fireware-v11-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-23T21:06:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-1.com/blog/2016/sec-1-advisory-reflected-cross-site-scripting-open-redirect-watchguard-fireware-v11-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6154",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-1.com/blog/2016/sec-1-advisory-reflected-cross-site-scripting-open-redirect-watchguard-fireware-v11-11",
"refsource": "MISC",
"url": "https://www.sec-1.com/blog/2016/sec-1-advisory-reflected-cross-site-scripting-open-redirect-watchguard-fireware-v11-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6154",
"datePublished": "2019-08-23T21:06:51",
"dateReserved": "2016-07-01T00:00:00",
"dateUpdated": "2024-08-06T01:22:20.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25291
Vulnerability from cvelistv5
Published
2022-02-24 04:57
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T04:57:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-25291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "CONFIRM",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-25291",
"datePublished": "2022-02-24T04:57:04",
"dateReserved": "2022-02-16T00:00:00",
"dateUpdated": "2024-08-03T04:36:06.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6021
Vulnerability from cvelistv5
Published
2013-10-19 10:00
Modified
2024-08-06 17:29
Severity ?
EPSS score ?
Summary
Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie.
References
| ▼ | URL | Tags |
|---|---|---|
| https://funoverip.net/2013/10/watchguard-cve-2013-6021-stack-based-buffer-overflow-exploit/ | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/29273 | exploit, x_refsource_EXPLOIT-DB | |
| http://osvdb.org/98752 | vdb-entry, x_refsource_OSVDB | |
| http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/ | x_refsource_CONFIRM | |
| http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/ | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/63227 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/233990 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://funoverip.net/2013/10/watchguard-cve-2013-6021-stack-based-buffer-overflow-exploit/"
},
{
"name": "29273",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/29273"
},
{
"name": "98752",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/98752"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
},
{
"name": "63227",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63227"
},
{
"name": "VU#233990",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/233990"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-19T17:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://funoverip.net/2013/10/watchguard-cve-2013-6021-stack-based-buffer-overflow-exploit/"
},
{
"name": "29273",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/29273"
},
{
"name": "98752",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/98752"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
},
{
"name": "63227",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63227"
},
{
"name": "VU#233990",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/233990"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-6021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://funoverip.net/2013/10/watchguard-cve-2013-6021-stack-based-buffer-overflow-exploit/",
"refsource": "MISC",
"url": "https://funoverip.net/2013/10/watchguard-cve-2013-6021-stack-based-buffer-overflow-exploit/"
},
{
"name": "29273",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/29273"
},
{
"name": "98752",
"refsource": "OSVDB",
"url": "http://osvdb.org/98752"
},
{
"name": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/",
"refsource": "CONFIRM",
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"name": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/",
"refsource": "CONFIRM",
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
},
{
"name": "63227",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63227"
},
{
"name": "VU#233990",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/233990"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-6021",
"datePublished": "2013-10-19T10:00:00",
"dateReserved": "2013-10-04T00:00:00",
"dateUpdated": "2024-08-06T17:29:42.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31790
Vulnerability from cvelistv5
Published
2022-09-06 17:54
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017 | x_refsource_MISC | |
| https://www.openwall.com/lists/oss-security/2022/08/30/2 | x_refsource_MISC | |
| https://www.ambionics.io/blog/hacking-watchguard-firewalls | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/08/30/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ambionics.io/blog/hacking-watchguard-firewalls"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T17:54:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2022/08/30/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ambionics.io/blog/hacking-watchguard-firewalls"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-31790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017",
"refsource": "MISC",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017"
},
{
"name": "https://www.openwall.com/lists/oss-security/2022/08/30/2",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2022/08/30/2"
},
{
"name": "https://www.ambionics.io/blog/hacking-watchguard-firewalls",
"refsource": "MISC",
"url": "https://www.ambionics.io/blog/hacking-watchguard-firewalls"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-31790",
"datePublished": "2022-09-06T17:54:41",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31789
Vulnerability from cvelistv5
Published
2022-09-06 18:16
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T18:16:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-31789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015",
"refsource": "MISC",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-31789",
"datePublished": "2022-09-06T18:16:40",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25360
Vulnerability from cvelistv5
Published
2022-02-24 04:53
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T04:53:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-25360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "CONFIRM",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-25360",
"datePublished": "2022-02-24T04:53:14",
"dateReserved": "2022-02-18T00:00:00",
"dateUpdated": "2024-08-03T04:36:06.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-8056
Vulnerability from cvelistv5
Published
2017-04-22 22:00
Modified
2024-09-17 01:52
Severity ?
EPSS score ?
Summary
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authenticated sessions until the process has recovered. The Firebox may also experience an overall degradation in performance while the wgagent process recovers. An attacker could continuously send XML-RPC requests that contain references to external entities to perform a limited Denial of Service (DoS) attack against an affected Firebox.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:21.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlBSAU"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authenticated sessions until the process has recovered. The Firebox may also experience an overall degradation in performance while the wgagent process recovers. An attacker could continuously send XML-RPC requests that contain references to external entities to perform a limited Denial of Service (DoS) attack against an affected Firebox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-22T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlBSAU"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authenticated sessions until the process has recovered. The Firebox may also experience an overall degradation in performance while the wgagent process recovers. An attacker could continuously send XML-RPC requests that contain references to external entities to perform a limited Denial of Service (DoS) attack against an affected Firebox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia",
"refsource": "MISC",
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"name": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"name": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html",
"refsource": "MISC",
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
},
{
"name": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlBSAU",
"refsource": "MISC",
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlBSAU"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8056",
"datePublished": "2017-04-22T22:00:00Z",
"dateReserved": "2017-04-22T00:00:00Z",
"dateUpdated": "2024-09-17T01:52:05.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25361
Vulnerability from cvelistv5
Published
2022-06-07 13:26
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://watchguard.com | x_refsource_MISC | |
| https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://watchguard.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-07T13:26:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://watchguard.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-25361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://watchguard.com",
"refsource": "MISC",
"url": "https://watchguard.com"
},
{
"name": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004",
"refsource": "MISC",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-25361",
"datePublished": "2022-06-07T13:26:39",
"dateReserved": "2022-02-18T00:00:00",
"dateUpdated": "2024-08-03T04:36:06.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23176
Vulnerability from cvelistv5
Published
2022-02-24 00:52
Modified
2025-01-29 20:45
Severity ?
EPSS score ?
Summary
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityportal.watchguard.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23176",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:45:05.700924Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-04-11",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-23176"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T20:45:09.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-08T02:22:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityportal.watchguard.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityportal.watchguard.com",
"refsource": "MISC",
"url": "https://securityportal.watchguard.com"
},
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "CONFIRM",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "MISC",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
},
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "MISC",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html"
},
{
"name": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/",
"refsource": "MISC",
"url": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23176",
"datePublished": "2022-02-24T00:52:48.000Z",
"dateReserved": "2022-01-12T00:00:00.000Z",
"dateUpdated": "2025-01-29T20:45:09.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-14616
Vulnerability from cvelistv5
Published
2017-09-20 20:00
Modified
2024-08-05 19:34
Severity ?
EPSS score ?
Summary
An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:34:39.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540427"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-20T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/archive/1/540427"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540427",
"refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/540427"
},
{
"name": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia",
"refsource": "MISC",
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14616",
"datePublished": "2017-09-20T20:00:00",
"dateReserved": "2017-09-20T00:00:00",
"dateUpdated": "2024-08-05T19:34:39.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-8055
Vulnerability from cvelistv5
Published
2017-04-22 22:00
Modified
2024-09-16 19:24
Severity ?
EPSS score ?
Summary
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this vulnerability to enumerate valid usernames on an affected Firebox.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:22.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlGSAU"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this vulnerability to enumerate valid usernames on an affected Firebox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-22T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlGSAU"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this vulnerability to enumerate valid usernames on an affected Firebox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia",
"refsource": "MISC",
"url": "https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia"
},
{
"name": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt"
},
{
"name": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlGSAU",
"refsource": "MISC",
"url": "http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000KlGSAU"
},
{
"name": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html",
"refsource": "MISC",
"url": "https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8055",
"datePublished": "2017-04-22T22:00:00Z",
"dateReserved": "2017-04-22T00:00:00Z",
"dateUpdated": "2024-09-16T19:24:27.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25290
Vulnerability from cvelistv5
Published
2022-02-24 04:56
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T04:56:49",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-25290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "CONFIRM",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-25290",
"datePublished": "2022-02-24T04:56:49",
"dateReserved": "2022-02-16T00:00:00",
"dateUpdated": "2024-08-03T04:36:06.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31792
Vulnerability from cvelistv5
Published
2022-09-06 18:24
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T18:24:45",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-31792",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014",
"refsource": "MISC",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-31792",
"datePublished": "2022-09-06T18:24:45",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-14615
Vulnerability from cvelistv5
Published
2017-09-20 20:00
Modified
2024-08-05 19:34
Severity ?
EPSS score ?
Summary
An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be rendered in the context of any logged in user in the Web UI visiting "Traffic Monitor" sections "Events" and "All." As a side effect, no further events will be visible in the Traffic Monitor until the device is restarted.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:34:39.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2017/Sep/22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000L0HSAU\u0026lang=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be rendered in the context of any logged in user in the Web UI visiting \"Traffic Monitor\" sections \"Events\" and \"All.\" As a side effect, no further events will be visible in the Traffic Monitor until the device is restarted."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-20T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/bugtraq/2017/Sep/22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000L0HSAU\u0026lang=en_US"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be rendered in the context of any logged in user in the Web UI visiting \"Traffic Monitor\" sections \"Events\" and \"All.\" As a side effect, no further events will be visible in the Traffic Monitor until the device is restarted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/bugtraq/2017/Sep/22",
"refsource": "MISC",
"url": "http://seclists.org/bugtraq/2017/Sep/22"
},
{
"name": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia",
"refsource": "MISC",
"url": "https://www.sidertia.com/Home/Community/Blog/2017/09/18/Fixed-Fireware-XXE-DOS-and-stored-XSS-vulnerabilities-discovered-by-Sidertia"
},
{
"name": "https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000L0HSAU\u0026lang=en_US",
"refsource": "MISC",
"url": "https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues\u0026SFDCID=kA62A0000000L0HSAU\u0026lang=en_US"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14615",
"datePublished": "2017-09-20T20:00:00",
"dateReserved": "2017-09-20T00:00:00",
"dateUpdated": "2024-08-05T19:34:39.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0338
Vulnerability from cvelistv5
Published
2014-03-16 10:00
Modified
2024-08-06 09:13
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via the pol_name parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1029924 | vdb-entry, x_refsource_SECTRACK | |
| http://www.kb.cert.org/vuls/id/807134 | third-party-advisory, x_refsource_CERT-VN | |
| http://watchguardsecuritycenter.com/2014/03/13/fireware-xtm-11-8-3-update-corrects-xss-flaw/ | x_refsource_CONFIRM | |
| http://seclists.org/fulldisclosure/2014/Mar/154 | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/bid/66210 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:09.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1029924",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029924"
},
{
"name": "VU#807134",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/807134"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://watchguardsecuritycenter.com/2014/03/13/fireware-xtm-11-8-3-update-corrects-xss-flaw/"
},
{
"name": "20140313 WatchGuard Fireware XTM devices contain a cross-site scripting vulnerability (CVE-2014-0338)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/154"
},
{
"name": "66210",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66210"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via the pol_name parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-02T14:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1029924",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029924"
},
{
"name": "VU#807134",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/807134"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://watchguardsecuritycenter.com/2014/03/13/fireware-xtm-11-8-3-update-corrects-xss-flaw/"
},
{
"name": "20140313 WatchGuard Fireware XTM devices contain a cross-site scripting vulnerability (CVE-2014-0338)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/154"
},
{
"name": "66210",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66210"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-0338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via the pol_name parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1029924",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029924"
},
{
"name": "VU#807134",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/807134"
},
{
"name": "http://watchguardsecuritycenter.com/2014/03/13/fireware-xtm-11-8-3-update-corrects-xss-flaw/",
"refsource": "CONFIRM",
"url": "http://watchguardsecuritycenter.com/2014/03/13/fireware-xtm-11-8-3-update-corrects-xss-flaw/"
},
{
"name": "20140313 WatchGuard Fireware XTM devices contain a cross-site scripting vulnerability (CVE-2014-0338)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Mar/154"
},
{
"name": "66210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66210"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-0338",
"datePublished": "2014-03-16T10:00:00",
"dateReserved": "2013-12-05T00:00:00",
"dateUpdated": "2024-08-06T09:13:09.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25293
Vulnerability from cvelistv5
Published
2022-02-24 04:55
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-27T00:12:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-25293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cwe.mitre.org/data/definitions/121.html",
"refsource": "MISC",
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "CONFIRM",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-25293",
"datePublished": "2022-02-24T04:55:47",
"dateReserved": "2022-02-16T00:00:00",
"dateUpdated": "2024-08-03T04:36:06.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5974
Vulnerability from cvelistv5
Published
2024-07-09 02:24
Modified
2025-01-13 17:56
Severity ?
EPSS score ?
Summary
A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.
This issue affects Fireware OS: from 11.9.6 through 12.10.3.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WatchGuard | Fireware OS |
Version: 11.9.6 ≤ 12.5.12+687697 Version: 12.6.0 ≤ 12.10.3 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fireware",
"vendor": "watchguard",
"versions": [
{
"lessThanOrEqual": "12.5.12_Update1",
"status": "affected",
"version": "11.9.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.10.3",
"status": "affected",
"version": "12.6.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5974",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T14:17:18.190367Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T14:32:08.765Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:25:03.188Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Fireware OS",
"vendor": "WatchGuard",
"versions": [
{
"lessThanOrEqual": "12.5.12+687697",
"status": "affected",
"version": "11.9.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.10.3",
"status": "affected",
"version": "12.6.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-06-27T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.\u003cbr\u003e\u003cp\u003eThis issue affects Fireware OS: from 11.9.6 through 12.10.3.\u003c/p\u003e"
}
],
"value": "A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.\nThis issue affects Fireware OS: from 11.9.6 through 12.10.3."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T17:56:13.317Z",
"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"shortName": "WatchGuard"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011"
}
],
"source": {
"advisory": "wgsa-2024-00011",
"discovery": "INTERNAL"
},
"title": "Firebox Authenticated Buffer Overflow Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"assignerShortName": "WatchGuard",
"cveId": "CVE-2024-5974",
"datePublished": "2024-07-09T02:24:47.924Z",
"dateReserved": "2024-06-13T15:15:57.213Z",
"dateUpdated": "2025-01-13T17:56:13.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25363
Vulnerability from cvelistv5
Published
2022-02-24 04:56
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T04:56:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-25363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "CONFIRM",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-25363",
"datePublished": "2022-02-24T04:56:20",
"dateReserved": "2022-02-18T00:00:00",
"dateUpdated": "2024-08-03T04:36:06.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26318
Vulnerability from cvelistv5
Published
2022-03-04 17:36
Modified
2025-01-29 16:39
Severity ?
EPSS score ?
Summary
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:31.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-26318",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T16:38:57.231507Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-26318"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T16:39:00.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-13T18:13:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-26318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "CONFIRM",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-26318",
"datePublished": "2022-03-04T17:36:37.000Z",
"dateReserved": "2022-02-28T00:00:00.000Z",
"dateUpdated": "2025-01-29T16:39:00.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25292
Vulnerability from cvelistv5
Published
2022-02-24 04:55
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-27T00:12:26",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-25292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cwe.mitre.org/data/definitions/121.html",
"refsource": "MISC",
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html",
"refsource": "CONFIRM",
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-25292",
"datePublished": "2022-02-24T04:55:17",
"dateReserved": "2022-02-16T00:00:00",
"dateUpdated": "2024-08-03T04:36:06.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31791
Vulnerability from cvelistv5
Published
2022-09-06 18:26
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T18:26:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-31791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018",
"refsource": "MISC",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-31791",
"datePublished": "2022-09-06T18:26:38",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5702
Vulnerability from cvelistv5
Published
2013-10-19 10:00
Modified
2024-09-17 02:22
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/ | x_refsource_CONFIRM | |
| http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:30.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-19T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/",
"refsource": "CONFIRM",
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"name": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/",
"refsource": "CONFIRM",
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5702",
"datePublished": "2013-10-19T10:00:00Z",
"dateReserved": "2013-09-05T00:00:00Z",
"dateUpdated": "2024-09-17T02:22:05.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201310-0403
Vulnerability from variot
Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie. Watchguard Extensible Threat Management (XTM) Contains a stack buffer overflow vulnerability. Watchguard Extensible Threat Management (XTM) appliance is a next-generation network security appliance that includes firewalls, application control and intrusion prevention systems. The WGagent running on the XTM application has a security vulnerability in parsing the cookie sent to the WEB interface. Failed exploit attempts will result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201310-0403",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fireware",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "11.3"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "11.7.2"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "11.4"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "11.0.2"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "11.6.6"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "11.3.6"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "11.5.3"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "11.5.1"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "11.4.2"
},
{
"model": "fireware",
"scope": "lte",
"trust": 1.0,
"vendor": "watchguard",
"version": "11.7.4"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.0,
"vendor": "watchguard",
"version": "11.2.3"
},
{
"model": "fireware",
"scope": "eq",
"trust": 1.0,
"vendor": "watchguard",
"version": "11.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": "fireware",
"scope": "lte",
"trust": 0.8,
"vendor": "watchguard",
"version": "version 11.7.4"
},
{
"model": "extensible threat management appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "watchguard",
"version": "11.7.4"
},
{
"model": "fireware",
"scope": "eq",
"trust": 0.6,
"vendor": "watchguard",
"version": "11.7.4"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#233990"
},
{
"db": "CNVD",
"id": "CNVD-2013-14028"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004810"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-475"
},
{
"db": "NVD",
"id": "CVE-2013-6021"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:watchguard:fireware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004810"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jerome Nokin and Thierry Zoller of Verizon Enterprise Solutions.",
"sources": [
{
"db": "BID",
"id": "63227"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6021",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-6021",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.3,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 1.8,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "CVE-2013-6021",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "LOW",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-14028",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6021",
"trust": 1.6,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2013-6021",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-14028",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201310-475",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#233990"
},
{
"db": "CNVD",
"id": "CNVD-2013-14028"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004810"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-475"
},
{
"db": "NVD",
"id": "CVE-2013-6021"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie. Watchguard Extensible Threat Management (XTM) Contains a stack buffer overflow vulnerability. Watchguard Extensible Threat Management (XTM) appliance is a next-generation network security appliance that includes firewalls, application control and intrusion prevention systems. The WGagent running on the XTM application has a security vulnerability in parsing the cookie sent to the WEB interface. Failed exploit attempts will result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6021"
},
{
"db": "CERT/CC",
"id": "VU#233990"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004810"
},
{
"db": "CNVD",
"id": "CNVD-2013-14028"
},
{
"db": "BID",
"id": "63227"
}
],
"trust": 3.15
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/233990",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#233990"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#233990",
"trust": 3.8
},
{
"db": "NVD",
"id": "CVE-2013-6021",
"trust": 3.3
},
{
"db": "BID",
"id": "63227",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "29273",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "98752",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU97653535",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004810",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-14028",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201310-475",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#233990"
},
{
"db": "CNVD",
"id": "CNVD-2013-14028"
},
{
"db": "BID",
"id": "63227"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004810"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-475"
},
{
"db": "NVD",
"id": "CVE-2013-6021"
}
]
},
"id": "VAR-201310-0403",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14028"
}
],
"trust": 0.83504274
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14028"
}
]
},
"last_update_date": "2024-11-23T22:59:46.431000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WatchGuard\u2019s XTM 11.8 Software Fixes Buffer Overflow \u0026 XSS Vulnerabilities",
"trust": 0.8,
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"title": "WatchGuard Dimension and Fireware XTM 11.8",
"trust": 0.8,
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
},
{
"title": "Patch for the Watchguard Extensible Threat Management Stack Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/40485"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14028"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004810"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
},
{
"problemtype": "CWE-121",
"trust": 0.8
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#233990"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004810"
},
{
"db": "NVD",
"id": "CVE-2013-6021"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/"
},
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/233990"
},
{
"trust": 1.6,
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/"
},
{
"trust": 1.0,
"url": "http://www.exploit-db.com/exploits/29273"
},
{
"trust": 1.0,
"url": "https://funoverip.net/2013/10/watchguard-cve-2013-6021-stack-based-buffer-overflow-exploit/"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/63227"
},
{
"trust": 1.0,
"url": "http://osvdb.org/98752"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/121.html"
},
{
"trust": 0.8,
"url": "http://www.watchguard.com/products/xtm-main.asp"
},
{
"trust": 0.8,
"url": "http://www.watchguard.com/support/index.asp"
},
{
"trust": 0.8,
"url": "http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware"
},
{
"trust": 0.8,
"url": "-xtm-11-8/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6021"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu97653535/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6021"
},
{
"trust": 0.3,
"url": "http://www.watchguard.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#233990"
},
{
"db": "CNVD",
"id": "CNVD-2013-14028"
},
{
"db": "BID",
"id": "63227"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004810"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-475"
},
{
"db": "NVD",
"id": "CVE-2013-6021"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#233990"
},
{
"db": "CNVD",
"id": "CNVD-2013-14028"
},
{
"db": "BID",
"id": "63227"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004810"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-475"
},
{
"db": "NVD",
"id": "CVE-2013-6021"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-18T00:00:00",
"db": "CERT/CC",
"id": "VU#233990"
},
{
"date": "2013-10-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14028"
},
{
"date": "2013-10-18T00:00:00",
"db": "BID",
"id": "63227"
},
{
"date": "2013-10-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004810"
},
{
"date": "2013-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-475"
},
{
"date": "2013-10-19T10:36:08.573000",
"db": "NVD",
"id": "CVE-2013-6021"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-18T00:00:00",
"db": "CERT/CC",
"id": "VU#233990"
},
{
"date": "2013-10-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14028"
},
{
"date": "2013-11-01T00:51:00",
"db": "BID",
"id": "63227"
},
{
"date": "2013-10-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004810"
},
{
"date": "2013-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-475"
},
{
"date": "2024-11-21T01:58:38.240000",
"db": "NVD",
"id": "CVE-2013-6021"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-475"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Watchguard Extensible Threat Management (XTM) appliance version 11.7.4 contains a buffer overflow vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#233990"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-475"
}
],
"trust": 0.6
}
}
var-201709-0842
Vulnerability from variot
An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible. WatchGuard Fireware Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. WatchGuardFirewareXTM is a firewall device from WatchGuard, Inc., which provides intrusion prevention, spam virus filtering, and SSLVPN through intelligent layering technology. WatchGuardFireware is the firmware in it. A security vulnerability exists in versions of WatchGuardFireware prior to 12.0. An attacker could exploit the vulnerability with a continuous invalid login request to cause a denial of service (wgagent crash)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0842",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fireware",
"scope": "lt",
"trust": 1.4,
"vendor": "watchguard",
"version": "12.0"
},
{
"model": "fireware",
"scope": "lte",
"trust": 1.0,
"vendor": "watchguard",
"version": "11.12.4"
},
{
"model": "fireware",
"scope": "eq",
"trust": 0.6,
"vendor": "watchguard",
"version": "11.12.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-943"
},
{
"db": "NVD",
"id": "CVE-2017-14616"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:watchguard:fireware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
}
]
},
"cve": "CVE-2017-14616",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-14616",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-35372",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-14616",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-14616",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-14616",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-35372",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-943",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-943"
},
{
"db": "NVD",
"id": "CVE-2017-14616"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible. WatchGuard Fireware Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. WatchGuardFirewareXTM is a firewall device from WatchGuard, Inc., which provides intrusion prevention, spam virus filtering, and SSLVPN through intelligent layering technology. WatchGuardFireware is the firmware in it. A security vulnerability exists in versions of WatchGuardFireware prior to 12.0. An attacker could exploit the vulnerability with a continuous invalid login request to cause a denial of service (wgagent crash)",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14616"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"db": "CNVD",
"id": "CNVD-2017-35372"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-14616",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008436",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-35372",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201709-943",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-943"
},
{
"db": "NVD",
"id": "CVE-2017-14616"
}
]
},
"id": "VAR-201709-0842",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35372"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35372"
}
]
},
"last_update_date": "2024-11-23T21:40:28.024000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fireware v12.0 Release Notes",
"trust": 0.8,
"url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_0/index.html"
},
{
"title": "Patch for WatchGuardFireware Denial of Service Vulnerability (CNVD-2017-35372)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106861"
},
{
"title": "WatchGuard Fireware Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75002"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-943"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"db": "NVD",
"id": "CVE-2017-14616"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.securityfocus.com/archive/1/540427"
},
{
"trust": 2.4,
"url": "https://www.sidertia.com/home/community/blog/2017/09/18/fixed-fireware-xxe-dos-and-stored-xss-vulnerabilities-discovered-by-sidertia"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14616"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14616"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-943"
},
{
"db": "NVD",
"id": "CVE-2017-14616"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-35372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-943"
},
{
"db": "NVD",
"id": "CVE-2017-14616"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35372"
},
{
"date": "2017-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"date": "2017-09-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-943"
},
{
"date": "2017-09-20T20:29:00.260000",
"db": "NVD",
"id": "CVE-2017-14616"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35372"
},
{
"date": "2017-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008436"
},
{
"date": "2017-09-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-943"
},
{
"date": "2024-11-21T03:13:12.590000",
"db": "NVD",
"id": "CVE-2017-14616"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-943"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WatchGuard Fireware Vulnerable to resource exhaustion",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008436"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-943"
}
],
"trust": 0.6
}
}