Lucene search

[email protected]CVE-2013-7408

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-7408

2022-10-0316:14:53

CWE-310

[email protected]

web.nvd.nist.gov

cve-2013-7408

big-ip

analytics

session cookie

remote attackers

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for remote attackers to have unspecified impact by guessing the value.

Affected configurations

NVD

Node

f5big-ip_analyticsMatch11.0.0

f5big-ip_analyticsMatch11.1.0

f5big-ip_analyticsMatch11.2.0

f5big-ip_analyticsMatch11.2.1

f5big-ip_analyticsMatch11.3.0

CPENameOperatorVersion
f5:big-ip_analyticsf5 big-ip analyticseq11.0.0
f5:big-ip_analyticsf5 big-ip analyticseq11.1.0
f5:big-ip_analyticsf5 big-ip analyticseq11.2.0
f5:big-ip_analyticsf5 big-ip analyticseq11.2.1
f5:big-ip_analyticsf5 big-ip analyticseq11.3.0

CPE	Name	Operator	Version
f5:big-ip_analytics	f5 big-ip analytics	eq	11.0.0
f5:big-ip_analytics	f5 big-ip analytics	eq	11.1.0
f5:big-ip_analytics	f5 big-ip analytics	eq	11.2.0
f5:big-ip_analytics	f5 big-ip analytics	eq	11.2.1
f5:big-ip_analytics	f5 big-ip analytics	eq	11.3.0

References

support.f5.com/kb/en-us/solutions/public/14000/300/sol14334.html

www.securityfocus.com/bid/68792

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

Related for CVE-2013-7408

cvelist1 prion1 nvd1