Watchguard Fireware
7 CVEs affecting Watchguard Fireware. Latest disclosed: 2017-09-20. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-14616 | High | 7.5 | 2017-09-20 | An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empt… |
CVE-2017-14615 | Medium | 6.1 | 2017-09-20 | An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if Jav… |
CVE-2017-8056 | Medium | 5.3 | 2017-04-22 | WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent p… |
CVE-2017-8055 | Medium | 5.3 | 2017-04-22 | WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC age… |
CVE-2014-0338 | | 2014-03-16 | Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to… | |
CVE-2013-6021 | | 2013-10-19 | Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie. | |
CVE-2013-5702 | | 2013-10-19 | Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web scri… |