| Vendor Name | Vulnerability Reported | Author | Date Reported | Date Closed | Duration to Fix | Affected Products | CVEs | Status | Reference |
|---|---|---|---|---|---|---|---|---|---|
| Zscaler | Clickjacking | Liad Mizrachi | June 8th 2014 | | 39 days | Zscaler Cloud | No CVE | Fixed & published | Advisory |
| BlueCoat | Stored XSS, no HttpOnly cookie, no Secure cookie | Avi Gimpel, Oded Vanunu | April 7th 2014 | June 3rd | 58 days | ThreatPulse Version: 6.3.2-2014.02.07 | CVE-2014-2724, CVE-2014-2725, CVE-2014-2726 | Fixed & published | Advisory Link |
| Fortinet | XSS | Inbar Raz / William Costa | July 1st 2013 | Nov 22nd 2013 | 144 days | FortiGate's FortiAnalyzer & FortiManager up to firmware version v5.0.6 | CVE-2013-6826 | Fixed & published | Advisory Link |
| Fortinet | XSS | Oded Vanunu & Adi Volkovitz | March 10th 2014 | Oct 30th 2014 | 234 days | FortiManager and FortiAnalyzer Web UI | CVE-2014-2334, CVE-2014-2335, CVE-2014-2336 | Fixed & published | Advisory Link |
| Sourcefire | XSS, CSRF | Liad Mizrachi, Adi Volkovitz | Feb 16th 2014 | Apr 22nd 2014 | 66 days | SourceFire NGIPS Defense Center version 5.2.0.1 | CVE-2014-2012, CVE-2014-2028, CVE-2014-2011 | Fixed & published | Advisory Link, Link, Link, Link |
| Cisco | XSS | Adi Volkovitz | Mar 4th 2014 | Mar 27th 2014 | 24 days | Cisco Prime Security Manager ver 9.2.1.2 | CVE-2014-2118 | Fixed & published | Advisory Link |
| Cisco | XSS (Cross-Site Scripting) | Dikla Barda | Sep 8th 2014 | Dec 12 2014 | 93 days | Cisco Prime Security Manager (PRSM) | CVE-2014-3364 | Fixed & published | Advisory Link |
| Palo Alto | CSRF | Anton Ziukin | Nov 20th 2013 | Feb 4th 2014 | 77 days | PAN-OS version 4.1.15 and earlier; 5.0.9 and earlier; 5.1.4 and earlier | CVE-2013-6850, CVE-2013-6851 | Fixed & published | Advisory Link |
| Palo Alto | XSS (Cross-Site Scripting) | Avi Gimpel & Oded Vanunu | May 21 2014 | Dec 12 2014 | 216 days | PAN-OS version 6.0.5 and earlier; 5.1.9 and earlier; 5.0.14 and earlier | CVE-2014-3764 | Fixed & published | Advisory Link |
| Palo Alto | XSS (Cross-Site Scripting) | Avi Gimpel, Oded Vanunu, and Liad Mizrachi | May 15 2015 | | 124 days | PAN-OS 6.1.2 and earlier; PAN-OS version 6.0.8 and earlier; PAN-OS 5.0.15 and earlier | | Fixed & published | Advisory |
| McAfee | CSRF | Adi Volkovitz | March 25th 2014 | July 24th 2014 | 119 days | Network Security Manager 8.0.5.9 | CVE-2014-2390 | Fixed & published | Advisory Link |
| FireEye | URL-Encoded Text Injection | Oded Vanunu, Avi Gimpel | July 24th, 2014 | July 7th, 2015 | 349 days | FX, AX, NX, EX, CM | CVE-2014-5046 | Fixed & published | Advisory Link |