CPE Details
WatchGuard Fireware 11.12.4
11.12.4
2019-11-06
14h09 +00:00
14h09 +00:00
2019-11-06
14h09 +00:00
14h09 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:o:watchguard:fireware:11.12.4:*:*:*:*:*:*:*
Informations
Vendor
watchguardProduct
firewareVersion
11.12.4Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. | 7.2 |
High |
||
| An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be rendered in the context of any logged in user in the Web UI visiting "Traffic Monitor" sections "Events" and "All." As a side effect, no further events will be visible in the Traffic Monitor until the device is restarted. | 6.1 |
Medium |
||
| An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible. | 7.5 |
High |
2025©
tesweb SA
