HTTP: Watchguard Firebox XTM RPC Denial of Service
This signature detects attempts to exploit a known vulnerability against Watchguard Firebox XTM RPC. A successful attack can lead to Denial of Service & User Enumeration.
Extended Description
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this vulnerability to enumerate valid usernames on an affected Firebox.
Affected Products
Watchguard fireware
Short Name
HTTP:DOS:WATCHGUARD-XTMRPC
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-8055 Denial Firebox RPC Service Watchguard XTM of
Release Date
05/22/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Watchguard
CVSS Score
5.0