Security Advisories https://www.watchguard.com/ en Firebox Authenticated Arbitrary File Read Vulnerability https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00002 <span class="field field--name-title field--type-string field--label-hidden">Firebox Authenticated Arbitrary File Read Vulnerability</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2023-00002</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Thu, 05/04/2023 - 17:10</span> <div class="field field--name-field-adv-cve field--type-string-long field--label-inline"> <div class="field__label">CVE</div> <div class="field__item odd field__item--1">CVE-2023-2357</div> </div> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">Medium</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Resolved</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2023-05-05T00:06:32Z" class="datetime">2023-05-05</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2023-05-04T06:57:17Z" class="datetime">2023-05-04</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">True</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">4.9</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1">AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N </div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p>WatchGuard Firebox and XTM appliances allow an authenticated remote attacker to read arbitrary text files from the filesystem via the Fireware management command line interface.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><p>Fireware OS before 12.9.3</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><p>Fireware OS 12.9.3</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-workaround field--type-text-long field--label-inline"> <div class="field__label">Workaround</div> <div class="field__item odd field__item--1"><p>In order to successfully exploit this vulnerability, an attacker must successfully authenticate using a management account (read-only or read-write) to the Fireware command line interface. Firebox administrators should follow the best practices <a href="https://techsearch.watchguard.com/KB?type=Article&amp;SFDCID=kA10H000000XeAtSAK&amp;lang=en_US">described here</a> to securely enable remote Firebox management where needed.</p></div> </div> <div class="field field--name-field-adv-credits field--type-string field--label-inline"> <div class="field__label">Credits</div> <div class='field__items d-inline'> <span class="field__item">Reported by independent security researcher Ren9IE</span> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 8 Series (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM850,</span> <span class="field__item">XTM860,</span> <span class="field__item">XTM870,</span> <span class="field__item">XTM870-F</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 1500 and 2520</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM1520-RP,</span> <span class="field__item">XTM1525-RP,</span> <span class="field__item">XTM2520</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T10,</span> <span class="field__item">T10-W,</span> <span class="field__item">T10-D,</span> <span class="field__item">T30,</span> <span class="field__item">T30-W,</span> <span class="field__item">T50,</span> <span class="field__item">T50-W</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M200,</span> <span class="field__item">M300,</span> <span class="field__item">M400,</span> <span class="field__item">M440,</span> <span class="field__item">M500</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTMv</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">Datacenter</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (4th Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">NV5,</span> <span class="field__item">T25,</span> <span class="field__item">T45,</span> <span class="field__item">T85</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> </div> </div> Fri, 05 May 2023 00:10:08 +0000 WatchGuard 81656 at https://www.watchguard.com OpenSSH Server 9.1 Double Free Vulnerability (CVE-2023-25136) https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00001 <span class="field field--name-title field--type-string field--label-hidden">OpenSSH Server 9.1 Double Free Vulnerability (CVE-2023-25136)</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2023-00001</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Wed, 03/22/2023 - 12:51</span> <div class="field field--name-field-adv-cve field--type-string-long field--label-inline"> <div class="field__label">CVE</div> <div class="field__item odd field__item--1">CVE-2023-25136</div> </div> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">Medium</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Not Applicable</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox,</span> <span class="field__item">Dimension</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2023-03-22T19:47:45Z" class="datetime">2023-03-22</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2023-03-22T19:10:03Z" class="datetime">2023-03-22</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">False</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">6.5</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H </div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p>On February 3, 2023, researchers at Qualys disclosed CVE-2023-25136, a double free vulnerability in OpenSSH Server v9.1. The exploit is non-trivial but a successful exploit could allow an unauthenticated attacker to execute arbitrary code on an unprotected system.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><table><thead><tr><th>Product</th> <th>Affected Version(s)</th> <th>Note</th> </tr></thead><tbody><tr><td>Firebox</td> <td>Not Impacted</td> <td>The Firebox does not use a vulnerable version of OpenSSH. Note, some vulnerability scanners may incorrectly report the Firebox's OpenSSH server as vulnerable</td> </tr><tr><td>Dimension</td> <td>Not Impacted</td> <td>Dimension uses a patched version of OpenSSH that is not affected by this vulnerability</td> </tr></tbody></table></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><table><thead><tr><th>Product</th> <th>Affected Version(s)</th> <th>Note</th> </tr></thead><tbody><tr><td>Firebox</td> <td>Not Impacted</td> <td>The Firebox does not use a vulnerable version of OpenSSH. Note, some vulnerability scanners may incorrectly report the Firebox's OpenSSH server as vulnerable</td> </tr><tr><td>Dimension</td> <td>Not Impacted</td> <td>Dimension uses a patched version of OpenSSH that is not affected by this vulnerability</td> </tr></tbody></table></div> </div> <div class="field field--name-field-adv-references field--type-link field--label-inline"> <div class="field__label">References</div> <div class='field__items'> <div class="field__item odd field__item--1"><a href="https://blog.qualys.com/vulnerabilities-threat-research/2023/02/03/cve-2023-25136-pre-auth-double-free-vulnerability-in-openssh-server-9-1">https://blog.qualys.com/vulnerabilities-threat-research/2023/02/03/cve-2023-251…</a></div> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 8 Series (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM850,</span> <span class="field__item">XTM860,</span> <span class="field__item">XTM870,</span> <span class="field__item">XTM870-F</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 1500 and 2520</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM1520-RP,</span> <span class="field__item">XTM1525-RP,</span> <span class="field__item">XTM2520</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T10,</span> <span class="field__item">T10-W,</span> <span class="field__item">T10-D,</span> <span class="field__item">T30,</span> <span class="field__item">T30-W,</span> <span class="field__item">T50,</span> <span class="field__item">T50-W</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M200,</span> <span class="field__item">M300,</span> <span class="field__item">M400,</span> <span class="field__item">M440,</span> <span class="field__item">M500</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTMv</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">Datacenter</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (4th Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">NV5,</span> <span class="field__item">T25,</span> <span class="field__item">T45,</span> <span class="field__item">T85</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Dimension</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Dimension</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Dimension</span> </div> </div> </div> </div> </div> </div> Wed, 22 Mar 2023 19:51:03 +0000 WatchGuard 80071 at https://www.watchguard.com OpenSSL CVE-2022-3602 and CVE-2022-3786 https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00021 <span class="field field--name-title field--type-string field--label-hidden">OpenSSL CVE-2022-3602 and CVE-2022-3786</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2022-00021</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Tue, 11/01/2022 - 10:01</span> <div class="field field--name-field-adv-cve field--type-string-long field--label-inline"> <div class="field__label">CVE</div> <div class="field__item odd field__item--1">CVE-2022-3602, CVE-2022-3786</div> </div> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">High</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Investigating</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox,</span> <span class="field__item">Endpoint,</span> <span class="field__item">WatchGuard Cloud,</span> <span class="field__item">Dimension,</span> <span class="field__item">Other Software,</span> <span class="field__item">Secure Wi-Fi</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2022-11-01T16:28:48Z" class="datetime">2022-11-01</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2022-11-02T19:23:40Z" class="datetime">2022-11-02</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">True</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">9.0</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1">TBD</div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p><em>Updated 2 November 2022, 12:22 PDT: Added response for Endpoint products</em></p> <p>On 1 November 2022, OpenSSL disclosed CVE-2022-3602 and CVE-2022-3786, two high severity buffer overflow vulnerabilities in certificate validation present in OpenSSL 3.0.x up to and including 3.0.6. An attacker could exploit either vulnerability with a maliciously-crafted certificate that has been signed by a trusted certificate authority.</p> <p>Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors have led this to be downgraded to HIGH.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><table><thead><tr><th>Product</th> <th>Affected Version(s)</th> <th>Note</th> </tr></thead><tbody><tr><td>Firebox</td> <td>Not Impacted</td> <td>The Firebox does not use a vulnerable version of OpenSSL</td> </tr><tr><td>WSM</td> <td>Not Impacted</td> <td>WSM does not use a vulnerable version of OpenSSL</td> </tr><tr><td>Dimension</td> <td>Not Impacted</td> <td>Dimension does not use a vulnerable version of OpenSSL</td> </tr><tr><td>Cloud Wi-Fi APs</td> <td>Not Impacted</td> <td>WatchGuard APs do not use a vulnerable version of OpenSSL</td> </tr><tr><td>Endpoint</td> <td>Not Impacted</td> <td>WatchGuard EPDR and Panda AD360 do not use a vulnerable version of OpenSSL</td> </tr></tbody></table></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><table><thead><tr><th>Product</th> <th>Affected Version(s)</th> <th>Note</th> </tr></thead><tbody><tr><td>Firebox</td> <td>Not Impacted</td> <td>The Firebox does not use a vulnerable version of OpenSSL</td> </tr><tr><td>WSM</td> <td>Not Impacted</td> <td>WSM does not use a vulnerable version of OpenSSL</td> </tr><tr><td>Dimension</td> <td>Not Impacted</td> <td>Dimension does not use a vulnerable version of OpenSSL</td> </tr><tr><td>Cloud Wi-Fi APs</td> <td>Not Impacted</td> <td>WatchGuard APs do not use a vulnerable version of OpenSSL</td> </tr><tr><td>Endpoint</td> <td>Not Impacted</td> <td>WatchGuard EPDR and Panda AD360 do not use a vulnerable version of OpenSSL</td> </tr></tbody></table></div> </div> <div class="field field--name-field-adv-references field--type-link field--label-inline"> <div class="field__label">References</div> <div class='field__items'> <div class="field__item odd field__item--1"><a href="https://www.openssl.org/news/secadv/20221101.txt">https://www.openssl.org/news/secadv/20221101.txt</a></div> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 8 Series (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM850,</span> <span class="field__item">XTM860,</span> <span class="field__item">XTM870,</span> <span class="field__item">XTM870-F</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T10,</span> <span class="field__item">T10-W,</span> <span class="field__item">T10-D,</span> <span class="field__item">T30,</span> <span class="field__item">T30-W,</span> <span class="field__item">T50,</span> <span class="field__item">T50-W</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 1500 and 2520</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM1520-RP,</span> <span class="field__item">XTM1525-RP,</span> <span class="field__item">XTM2520</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M200,</span> <span class="field__item">M300,</span> <span class="field__item">M400,</span> <span class="field__item">M440,</span> <span class="field__item">M500</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTMv</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">Datacenter</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Endpoint</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Panda Dome</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Essential,</span> <span class="field__item">Advanced,</span> <span class="field__item">Complete,</span> <span class="field__item">Premium</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Endpoint</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Panda AD360</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">AD360</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Endpoint</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">WatchGuard EPDR</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">EPP,</span> <span class="field__item">EDR,</span> <span class="field__item">EPDR</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">WatchGuard Cloud</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">WatchGuard Cloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">WatchGuard Cloud</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Dimension</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Dimension</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Dimension</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Other Software</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">WatchGuard System Manager (WSM)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">WSM</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Secure Wi-Fi</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Wi-Fi 6</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">AP130,</span> <span class="field__item">AP330,</span> <span class="field__item">AP430CR,</span> <span class="field__item">AP432</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Secure Wi-Fi</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Wi-Fi 4 &amp; 5</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">AP322,</span> <span class="field__item">AP420,</span> <span class="field__item">AP125,</span> <span class="field__item">AP225W,</span> <span class="field__item">AP325,</span> <span class="field__item">AP327X</span> </div> </div> </div> </div> </div> </div> Tue, 01 Nov 2022 17:01:19 +0000 WatchGuard 71886 at https://www.watchguard.com OpenVPN Unauthenticated Access To Control Channel Data (CVE-2020-15078) https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00020 <span class="field field--name-title field--type-string field--label-hidden">OpenVPN Unauthenticated Access To Control Channel Data (CVE-2020-15078)</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2022-00020</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Tue, 07/05/2022 - 07:50</span> <div class="field field--name-field-adv-cve field--type-string-long field--label-inline"> <div class="field__label">CVE</div> <div class="field__item odd field__item--1">CVE-2020-15078</div> </div> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">High</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Investigating</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2022-07-05T14:42:51Z" class="datetime">2022-07-05</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2022-07-05T17:37:20Z" class="datetime">2022-07-05</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">True</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">7.5</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1"> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N</div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p>A bug found in OpenVPN that may also apply to Watchguard Mobile VPN could allow a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication which can be used to potentially trigger further information leaks. Based off the limited vulnerability details we believe this vulnerability may impact Fireware OS releases after 12.5.3 and have updated the version of OpenSSL included in Fireware OS 12.8.1 out of an abundance of caution.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><p>Fireware OS before 12.8.1 and 12.5.3 up to and including 12.5.10.</p> <p><em>Note: Firebox Fireware OS 12.1.x and before is <strong>not</strong> vulnerable</em></p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><p>Resolved in Fireware OS 12.8.1 release</p></div> </div> <div class="field field--name-field-adv-references field--type-link field--label-inline"> <div class="field__label">References</div> <div class='field__items'> <div class="field__item odd field__item--1"><a href="https://community.openvpn.net/openvpn/wiki/CVE-2020-15078">https://community.openvpn.net/openvpn/wiki/CVE-2020-15078</a></div> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> </div> </div> Tue, 05 Jul 2022 14:50:01 +0000 WatchGuard 68231 at https://www.watchguard.com Firebox Limited Authenticated Arbitrary File Read/Write Vulnerability https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00019 <span class="field field--name-title field--type-string field--label-hidden">Firebox Limited Authenticated Arbitrary File Read/Write Vulnerability</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2022-00019</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Thu, 06/23/2022 - 13:50</span> <div class="field field--name-field-adv-cve field--type-string-long field--label-inline"> <div class="field__label">CVE</div> <div class="field__item odd field__item--1">CVE-2022-31749</div> </div> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">Medium</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Resolved</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-23T20:47:51Z" class="datetime">2022-06-23</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-17T22:54:21Z" class="datetime">2022-06-17</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">False</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">6.5</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1">CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N</div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p>WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload or read files to limited, arbitrary locations.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><p>Fireware OS before 12.8.1, 12.x before 12.1.4, and 12.2.x through 12.5.x before 12.5.10</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><p>Fireware OS 12.8.1, 12.5.10, 12.1.4</p></div> </div> <div class="field field--name-field-adv-credits field--type-string field--label-inline"> <div class="field__label">Credits</div> <div class='field__items d-inline'> <span class="field__item">Jake Baines of Rapid7</span> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 8 Series (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM850,</span> <span class="field__item">XTM860,</span> <span class="field__item">XTM870,</span> <span class="field__item">XTM870-F</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 1500 and 2520</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM1520-RP,</span> <span class="field__item">XTM1525-RP,</span> <span class="field__item">XTM2520</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T10,</span> <span class="field__item">T10-W,</span> <span class="field__item">T10-D,</span> <span class="field__item">T30,</span> <span class="field__item">T30-W,</span> <span class="field__item">T50,</span> <span class="field__item">T50-W</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M200,</span> <span class="field__item">M300,</span> <span class="field__item">M400,</span> <span class="field__item">M440,</span> <span class="field__item">M500</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTMv</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">Datacenter</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> </div> </div> Thu, 23 Jun 2022 20:50:01 +0000 WatchGuard 67796 at https://www.watchguard.com Firebox Information Disclosure Vulnerability https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017 <span class="field field--name-title field--type-string field--label-hidden">Firebox Information Disclosure Vulnerability</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2022-00017</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Thu, 06/23/2022 - 13:50</span> <div class="field field--name-field-adv-cve field--type-string-long field--label-inline"> <div class="field__label">CVE</div> <div class="field__item odd field__item--1">CVE-2022-31790</div> </div> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">High</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Resolved</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-23T20:47:56Z" class="datetime">2022-06-23</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-17T22:35:20Z" class="datetime">2022-06-17</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">False</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">7.5</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N</div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p>WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><p>Fireware OS before 12.8.1, 12.x before 12.1.4, and 12.2.x through 12.5.x before 12.5.10.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><p>Fireware OS 12.8.1, 12.5.10 and 12.1.4</p></div> </div> <div class="field field--name-field-adv-credits field--type-string field--label-inline"> <div class="field__label">Credits</div> <div class='field__items d-inline'> <span class="field__item">Charles Fol from LEXFO/AMBIONICS</span> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 8 Series (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM850,</span> <span class="field__item">XTM860,</span> <span class="field__item">XTM870,</span> <span class="field__item">XTM870-F</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 1500 and 2520</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM1520-RP,</span> <span class="field__item">XTM1525-RP,</span> <span class="field__item">XTM2520</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T10,</span> <span class="field__item">T10-W,</span> <span class="field__item">T10-D,</span> <span class="field__item">T30,</span> <span class="field__item">T30-W,</span> <span class="field__item">T50,</span> <span class="field__item">T50-W</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M200,</span> <span class="field__item">M300,</span> <span class="field__item">M400,</span> <span class="field__item">M440,</span> <span class="field__item">M500</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTMv</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">Datacenter</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> </div> </div> Thu, 23 Jun 2022 20:50:01 +0000 WatchGuard 67801 at https://www.watchguard.com Firebox Authenticated Arbitrary File Read Vulnerability https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00013 <span class="field field--name-title field--type-string field--label-hidden">Firebox Authenticated Arbitrary File Read Vulnerability</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2022-00013</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Thu, 06/23/2022 - 13:50</span> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">Medium</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Resolved</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-23T20:41:50Z" class="datetime">2022-06-23</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2022-05-17T20:00:34Z" class="datetime">2022-05-17</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">False</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">6.5</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1">CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N</div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p>WatchGuard Firebox and XTM appliances allow an authenticated remote attacker to read arbitrary text files from the filesystem.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><p>Fireware OS before 12.8, 12.x before 12.1.4, and 12.2.x through 12.5.x before 12.5.10</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><p>Fireware OS 12.8, 12.1.4, 12.5.10</p></div> </div> <div class="field field--name-field-adv-credits field--type-string field--label-inline"> <div class="field__label">Credits</div> <div class='field__items d-inline'> <span class="field__item">Internally discovered</span> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 8 Series (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM850,</span> <span class="field__item">XTM860,</span> <span class="field__item">XTM870,</span> <span class="field__item">XTM870-F</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 1500 and 2520</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM1520-RP,</span> <span class="field__item">XTM1525-RP,</span> <span class="field__item">XTM2520</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T10,</span> <span class="field__item">T10-W,</span> <span class="field__item">T10-D,</span> <span class="field__item">T30,</span> <span class="field__item">T30-W,</span> <span class="field__item">T50,</span> <span class="field__item">T50-W</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M200,</span> <span class="field__item">M300,</span> <span class="field__item">M400,</span> <span class="field__item">M440,</span> <span class="field__item">M500</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTMv</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">Datacenter</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> </div> </div> Thu, 23 Jun 2022 20:50:01 +0000 WatchGuard 67771 at https://www.watchguard.com Firebox Local Privilege Escallation Vulnerability https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018 <span class="field field--name-title field--type-string field--label-hidden">Firebox Local Privilege Escallation Vulnerability</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2022-00018</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Thu, 06/23/2022 - 13:50</span> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">Medium</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Resolved</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-23T20:47:43Z" class="datetime">2022-06-23</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-17T22:40:49Z" class="datetime">2022-06-17</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">False</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">4.4</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N</div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p>A local privilege escalation vulnerability in Firebox and XTM devices could allow an attacker to execute commands with root privileges.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><p>Fireware OS before 12.8.1, 12.x before 12.1.4 and 12.2.x through 12.5.x before 12.5.10.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><p>Fireware OS 12.8.1, 12.5.10, 12.1.4</p></div> </div> <div class="field field--name-field-adv-credits field--type-string field--label-inline"> <div class="field__label">Credits</div> <div class='field__items d-inline'> <span class="field__item">Charles Fol from LEXFO/AMBIONICS</span> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 8 Series (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM850,</span> <span class="field__item">XTM860,</span> <span class="field__item">XTM870,</span> <span class="field__item">XTM870-F</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 1500 and 2520</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM1520-RP,</span> <span class="field__item">XTM1525-RP,</span> <span class="field__item">XTM2520</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T10,</span> <span class="field__item">T10-W,</span> <span class="field__item">T10-D,</span> <span class="field__item">T30,</span> <span class="field__item">T30-W,</span> <span class="field__item">T50,</span> <span class="field__item">T50-W</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M200,</span> <span class="field__item">M300,</span> <span class="field__item">M400,</span> <span class="field__item">M440,</span> <span class="field__item">M500</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTMv</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">Datacenter</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> </div> </div> Thu, 23 Jun 2022 20:50:01 +0000 WatchGuard 67776 at https://www.watchguard.com Firebox WebUI Stored Cross-Site Scripting (XSS) Vulnerability https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014 <span class="field field--name-title field--type-string field--label-hidden">Firebox WebUI Stored Cross-Site Scripting (XSS) Vulnerability</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2022-00014</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Thu, 06/23/2022 - 13:50</span> <div class="field field--name-field-adv-cve field--type-string-long field--label-inline"> <div class="field__label">CVE</div> <div class="field__item odd field__item--1">CVE-2022-31792</div> </div> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">Medium</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Resolved</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-23T20:42:05Z" class="datetime">2022-06-23</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-17T21:53:44Z" class="datetime">2022-06-17</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">False</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">6.8</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1">CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N</div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p>A stored cross-site scripting (XSS) vulnerability exists in the management interface of WatchGuard Firebox and XTM appliances. An unauthenticated remote attacker can potentially execute arbitrary JavaScript code in the Firebox management interface by sending carefully crafted requests to exposed management ports.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><p>Fireware OS before 12.8.1, 12.x before 12.1.4, and 12.2.x through 12.5.x before 12.5.10.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><p>Fireware OS 12.8.1, 12.5.10 and 12.1.4</p></div> </div> <div class="field field--name-field-adv-credits field--type-string field--label-inline"> <div class="field__label">Credits</div> <div class='field__items d-inline'> <span class="field__item">Internally discovered</span> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 8 Series (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM850,</span> <span class="field__item">XTM860,</span> <span class="field__item">XTM870,</span> <span class="field__item">XTM870-F</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 1500 and 2520</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM1520-RP,</span> <span class="field__item">XTM1525-RP,</span> <span class="field__item">XTM2520</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T10,</span> <span class="field__item">T10-W,</span> <span class="field__item">T10-D,</span> <span class="field__item">T30,</span> <span class="field__item">T30-W,</span> <span class="field__item">T50,</span> <span class="field__item">T50-W</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M200,</span> <span class="field__item">M300,</span> <span class="field__item">M400,</span> <span class="field__item">M440,</span> <span class="field__item">M500</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTMv</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">Datacenter</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> </div> </div> Thu, 23 Jun 2022 20:50:01 +0000 WatchGuard 67781 at https://www.watchguard.com Firebox Unauthenticated Buffer Overflow Vulnerability https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015 <span class="field field--name-title field--type-string field--label-hidden">Firebox Unauthenticated Buffer Overflow Vulnerability</span> <div class="field field--name-field-adv-id field--type-string field--label-inline"> <div class="field__label">Advisory ID</div> <div class="field__item odd field__item--1">WGSA-2022-00015</div> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>WatchGuard</span></span> <span class="field field--name-created field--type-created field--label-hidden">Thu, 06/23/2022 - 13:50</span> <div class="field field--name-field-adv-cve field--type-string-long field--label-inline"> <div class="field__label">CVE</div> <div class="field__item odd field__item--1">CVE-2022-31789</div> </div> <div class="field field--name-field-adv-impact field--type-list-integer field--label-inline"> <div class="field__label">Impact</div> <div class="field__item odd field__item--1">Critical</div> </div> <div class="field field--name-field-adv-status field--type-list-string field--label-inline"> <div class="field__label">Status</div> <div class="field__item odd field__item--1">Resolved</div> </div> <div class="field field--name-field-adv-product-family field--type-entity-reference field--label-inline"> <div class="field__label">Product Family</div> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> <div class="field field--name-field-adv-published-date field--type-datetime field--label-inline"> <div class="field__label">Published Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-23T20:44:17Z" class="datetime">2022-06-23</time> </div> </div> <div class="field field--name-field-adv-updated-date field--type-datetime field--label-inline"> <div class="field__label">Updated Date</div> <div class="field__item odd field__item--1"><time datetime="2022-06-17T22:09:54Z" class="datetime">2022-06-17</time> </div> </div> <div class="field field--name-field-adv-workaround-available field--type-boolean field--label-inline"> <div class="field__label">Workaround Available</div> <div class="field__item odd field__item--1">True</div> </div> <div class="field field--name-field-adv-cvss-score field--type-decimal field--label-inline"> <div class="field__label">CVSS Score</div> <div class="field__item odd field__item--1">9.8</div> </div> <div class="field field--name-field-adv-cvss-vector field--type-string field--label-inline"> <div class="field__label">CVSS Vector</div> <div class="field__item odd field__item--1">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H</div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-inline"> <div class="field__label">Summary</div> <div class="field__item odd field__item--1"><p>An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-affected field--type-text-long field--label-inline"> <div class="field__label">Affected</div> <div class="field__item odd field__item--1"><p>Fireware OS before 12.8.1, 12.x before 12.1.4, and 12.2.x through 12.5.x before 12.5.10.</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-resolution field--type-text-long field--label-inline"> <div class="field__label">Resolution</div> <div class="field__item odd field__item--1"><p>Fireware OS 12.8.1, 12.5.10 and 12.1.4</p></div> </div> <div class="clearfix text-formatted field field--name-field-adv-workaround field--type-text-long field--label-inline"> <div class="field__label">Workaround</div> <div class="field__item odd field__item--1"><p>Follow WatchGuard's <a href="https://techsearch.watchguard.com/KB?type=Article&amp;SFDCID=kA10H000000XeAtSAK&amp;lang=en_US">recommended best practices</a> for remote management access and do not expose unrestricted management access to the internet.</p></div> </div> <div class="field field--name-field-adv-credits field--type-string field--label-inline"> <div class="field__label">Credits</div> <div class='field__items d-inline'> <span class="field__item">Charles Fol from LEXFO/AMBIONICS</span> </div> </div> <div class="field field--name-field-adv-products field--type-entity-reference field--label-above mt-3"> <div class="field__label mb-1">Advisory Product List</div> <div class="striped-table zebra mt-2"> <div class="row head align-items-end"> <div class="d-inline column column--family">Product Family</div> <div class="d-inline column column--branch">Product Branch</div> <div class="d-inline column column--list column--initial">Product List</div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 8 Series (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM850,</span> <span class="field__item">XTM860,</span> <span class="field__item">XTM870,</span> <span class="field__item">XTM870-F</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T10,</span> <span class="field__item">T10-W,</span> <span class="field__item">T10-D,</span> <span class="field__item">T30,</span> <span class="field__item">T30-W,</span> <span class="field__item">T50,</span> <span class="field__item">T50-W</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTM 1500 and 2520</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">XTM1520-RP,</span> <span class="field__item">XTM1525-RP,</span> <span class="field__item">XTM2520</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T15,</span> <span class="field__item">T15-W,</span> <span class="field__item">T35,</span> <span class="field__item">T35-W,</span> <span class="field__item">T35-R,</span> <span class="field__item">T55,</span> <span class="field__item">T55-W,</span> <span class="field__item">T70</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox T (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">T20,</span> <span class="field__item">T20-W,</span> <span class="field__item">T40,</span> <span class="field__item">T40-W,</span> <span class="field__item">T80</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (1st Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M200,</span> <span class="field__item">M300,</span> <span class="field__item">M400,</span> <span class="field__item">M440,</span> <span class="field__item">M500</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (2nd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M270,</span> <span class="field__item">M370,</span> <span class="field__item">M470,</span> <span class="field__item">M570,</span> <span class="field__item">M670</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">Firebox M (3rd Gen)</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">M290,</span> <span class="field__item">M390,</span> <span class="field__item">M590,</span> <span class="field__item">M690,</span> <span class="field__item">M4800,</span> <span class="field__item">M5800</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">XTMv</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">Datacenter</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxV</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> <div role="article" class="node node--type-advisory-product-branch row align-items-center"> <div class="d-inline column column--family"><div class="field field--name-field-adv-product-family field--type-entity-reference field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Firebox</span> </div> </div> </div> <div class="d-inline column column--branch"><span class="field field--name-title field--type-string field--label-hidden">FireboxCloud</span> </div> <div class="d-inline column column--list column--initial"><div class="field field--name-field-adv-product-list field--type-string field--label-hidden"> <div class='field__items d-inline'> <span class="field__item">Small,</span> <span class="field__item">Medium,</span> <span class="field__item">Large,</span> <span class="field__item">XLarge</span> </div> </div> </div> </div> </div> </div> Thu, 23 Jun 2022 20:50:01 +0000 WatchGuard 67786 at https://www.watchguard.com