CVE-2014-4023

🗓️ 28 Oct 2014 14:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 59 Views🌐 WEB

Cross-site scripting vulnerability in F5 BIG-IP LTM, APM, ASM, GTM, and mor

Reporter	Title	Published	Views	Family All 9
Cvelist	CVE-2014-4023	28 Oct 201414:00	–	cvelist
EUVD	EUVD-2014-3955	7 Oct 202500:30	–	euvd
Tenable Nessus	F5 Networks BIG-IP : XSS vulnerability in echo.jsp (SOL15532)	10 Oct 201400:00	–	nessus
NVD	CVE-2014-4023	28 Oct 201414:55	–	nvd
Packet Storm	F5 BIG-IP 11.5.1 Cross Site Scripting	28 Aug 201400:00	–	packetstorm
Prion	Cross site scripting	28 Oct 201414:55	–	prion
securityvulns	SEC Consult SA-20140828-0 :: F5 BIG-IP Reflected Cross-Site Scripting	2 Sep 201400:00	–	securityvulns
securityvulns	F5 BIG-IP crossite scripting	2 Sep 201400:00	–	securityvulns
F5 Networks	SOL15532 - XSS vulnerability in echo.jsp CVE-2014-4023	25 Aug 201400:00	–	f5

NVD

Node

f5 big-ip_advanced_firewall_managerMatch11.3.0

f5 big-ip_advanced_firewall_managerMatch11.4.0

f5 big-ip_advanced_firewall_managerMatch11.4.1

f5 big-ip_advanced_firewall_managerMatch11.5.0

f5 big-ip_advanced_firewall_managerMatch11.5.1

Node

f5 big-ip_policy_enforcement_managerMatch11.3.0

f5 big-ip_policy_enforcement_managerMatch11.4.0

f5 big-ip_policy_enforcement_managerMatch11.4.1

f5 big-ip_policy_enforcement_managerMatch11.5.0

f5 big-ip_policy_enforcement_managerMatch11.5.1

Node

f5 big-ip_application_security_managerMatch10.1.0

f5 big-ip_application_security_managerMatch10.2.0

f5 big-ip_application_security_managerMatch10.2.1

f5 big-ip_application_security_managerMatch10.2.2

f5 big-ip_application_security_managerMatch10.2.3

f5 big-ip_application_security_managerMatch10.2.4

f5 big-ip_application_security_managerMatch11.0.0

f5 big-ip_application_security_managerMatch11.1.0

f5 big-ip_application_security_managerMatch11.2.0

f5 big-ip_application_security_managerMatch11.2.1

f5 big-ip_application_security_managerMatch11.3.0

f5 big-ip_application_security_managerMatch11.4.0

f5 big-ip_application_security_managerMatch11.4.1

f5 big-ip_application_security_managerMatch11.5.0

f5 big-ip_application_security_managerMatch11.5.1

Node

f5 big-ip_application_acceleration_managerMatch11.4.0

f5 big-ip_application_acceleration_managerMatch11.4.1

f5 big-ip_application_acceleration_managerMatch11.5.0

f5 big-ip_application_acceleration_managerMatch11.5.1

Node

f5 enterprise_managerMatch3.0.0

f5 enterprise_managerMatch3.1.0

f5 enterprise_managerMatch3.1.1

f5 enterprise_managerMatch2.1.0

f5 enterprise_managerMatch2.2.0

f5 enterprise_managerMatch2.3.0

Node

f5 big-ip_edge_gatewayMatch10.1.0

f5 big-ip_edge_gatewayMatch10.2.0

f5 big-ip_edge_gatewayMatch10.2.1

f5 big-ip_edge_gatewayMatch10.2.2

f5 big-ip_edge_gatewayMatch10.2.3

f5 big-ip_edge_gatewayMatch10.2.4

f5 big-ip_edge_gatewayMatch11.0.0

f5 big-ip_edge_gatewayMatch11.1.0

f5 big-ip_edge_gatewayMatch11.2.0

f5 big-ip_edge_gatewayMatch11.2.1

f5 big-ip_edge_gatewayMatch11.3.0

Node

f5 big-ip_global_traffic_managerMatch10.1.0

f5 big-ip_global_traffic_managerMatch10.2.0

f5 big-ip_global_traffic_managerMatch10.2.1

f5 big-ip_global_traffic_managerMatch10.2.2

f5 big-ip_global_traffic_managerMatch10.2.3

f5 big-ip_global_traffic_managerMatch10.2.4

f5 big-ip_global_traffic_managerMatch11.0.0

f5 big-ip_global_traffic_managerMatch11.1.0

f5 big-ip_global_traffic_managerMatch11.2.0

f5 big-ip_global_traffic_managerMatch11.2.1

f5 big-ip_global_traffic_managerMatch11.3.0

f5 big-ip_global_traffic_managerMatch11.4.0

f5 big-ip_global_traffic_managerMatch11.4.1

f5 big-ip_global_traffic_managerMatch11.5.0

f5 big-ip_global_traffic_managerMatch11.5.1

Node

f5 big-ip_link_controllerMatch10.1.0

f5 big-ip_link_controllerMatch10.2.0

f5 big-ip_link_controllerMatch10.2.1

f5 big-ip_link_controllerMatch10.2.2

f5 big-ip_link_controllerMatch10.2.3

f5 big-ip_link_controllerMatch10.2.4

f5 big-ip_link_controllerMatch11.0.0

f5 big-ip_link_controllerMatch11.1.0

f5 big-ip_link_controllerMatch11.2.0

f5 big-ip_link_controllerMatch11.2.1

f5 big-ip_link_controllerMatch11.3.0

f5 big-ip_link_controllerMatch11.4.0

f5 big-ip_link_controllerMatch11.4.1

f5 big-ip_link_controllerMatch11.5.0

f5 big-ip_link_controllerMatch11.5.1

Node

f5 big-ip_local_traffic_managerMatch10.1.0

f5 big-ip_local_traffic_managerMatch10.2.0

f5 big-ip_local_traffic_managerMatch10.2.1

f5 big-ip_local_traffic_managerMatch10.2.2

f5 big-ip_local_traffic_managerMatch10.2.3

f5 big-ip_local_traffic_managerMatch10.2.4

f5 big-ip_local_traffic_managerMatch11.0.0

f5 big-ip_local_traffic_managerMatch11.1.0

f5 big-ip_local_traffic_managerMatch11.2.0

f5 big-ip_local_traffic_managerMatch11.2.1

f5 big-ip_local_traffic_managerMatch11.3.0

f5 big-ip_local_traffic_managerMatch11.4.0

f5 big-ip_local_traffic_managerMatch11.4.1

f5 big-ip_local_traffic_managerMatch11.5.0

f5 big-ip_local_traffic_managerMatch11.5.1

Node

f5 big-ip_access_policy_managerMatch10.1.0

f5 big-ip_access_policy_managerMatch10.2.0

f5 big-ip_access_policy_managerMatch10.2.1

f5 big-ip_access_policy_managerMatch10.2.2

f5 big-ip_access_policy_managerMatch10.2.3

f5 big-ip_access_policy_managerMatch10.2.4

f5 big-ip_access_policy_managerMatch11.0.0

f5 big-ip_access_policy_managerMatch11.1.0

f5 big-ip_access_policy_managerMatch11.2.0

f5 big-ip_access_policy_managerMatch11.2.1

f5 big-ip_access_policy_managerMatch11.3.0

f5 big-ip_access_policy_managerMatch11.4.0

f5 big-ip_access_policy_managerMatch11.4.1

f5 big-ip_access_policy_managerMatch11.5.0

f5 big-ip_access_policy_managerMatch11.5.1

Node

f5 big-ip_protocol_security_moduleMatch10.1.0

f5 big-ip_protocol_security_moduleMatch10.2.0

f5 big-ip_protocol_security_moduleMatch10.2.1

f5 big-ip_protocol_security_moduleMatch10.2.2

f5 big-ip_protocol_security_moduleMatch10.2.3

f5 big-ip_protocol_security_moduleMatch10.2.4

f5 big-ip_protocol_security_moduleMatch11.0.0

f5 big-ip_protocol_security_moduleMatch11.1.0

f5 big-ip_protocol_security_moduleMatch11.2.0

f5 big-ip_protocol_security_moduleMatch11.2.1

f5 big-ip_protocol_security_moduleMatch11.3.0

f5 big-ip_protocol_security_moduleMatch11.4.0

f5 big-ip_protocol_security_moduleMatch11.4.1

Node

f5 big-ip_webacceleratorMatch10.1.0

f5 big-ip_webacceleratorMatch10.2.0

f5 big-ip_webacceleratorMatch10.2.1

f5 big-ip_webacceleratorMatch10.2.2

f5 big-ip_webacceleratorMatch10.2.3

f5 big-ip_webacceleratorMatch10.2.4

f5 big-ip_webacceleratorMatch11.0.0

f5 big-ip_webacceleratorMatch11.1.0

f5 big-ip_webacceleratorMatch11.2.0

f5 big-ip_webacceleratorMatch11.2.1

f5 big-ip_webacceleratorMatch11.3.0

Node

f5 big-ip_wan_optimization_managerMatch10.1.0

f5 big-ip_wan_optimization_managerMatch10.2.0

f5 big-ip_wan_optimization_managerMatch10.2.1

f5 big-ip_wan_optimization_managerMatch10.2.2

f5 big-ip_wan_optimization_managerMatch10.2.3

f5 big-ip_wan_optimization_managerMatch10.2.4

f5 big-ip_wan_optimization_managerMatch11.0.0

f5 big-ip_wan_optimization_managerMatch11.1.0

f5 big-ip_wan_optimization_managerMatch11.2.0

f5 big-ip_wan_optimization_managerMatch11.2.1

f5 big-ip_wan_optimization_managerMatch11.3.0

Node

f5 big-ip_analyticsMatch11.0.0

f5 big-ip_analyticsMatch11.1.0

f5 big-ip_analyticsMatch11.2.0

f5 big-ip_analyticsMatch11.2.1

f5 big-ip_analyticsMatch11.3.0

f5 big-ip_analyticsMatch11.4.0

f5 big-ip_analyticsMatch11.4.1

f5 big-ip_analyticsMatch11.5.0

f5 big-ip_analyticsMatch11.5.1

Source	Link
securitytracker	www.securitytracker.com/id/1030776
support	www.support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html
sec-consult	www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt

Parameter	Position	Path	Description	CWE
<script>alert('xss')</script>	request body	tmui/dashboard/echo.jsp	Reflected XSS via POST to tmui/dashboard/echo.jsp	CWE-79

06 May 2026 22:30Current

5.7Medium risk

Vulners AI Score5.7

CVSS 24.3

EPSS0.00408

CWE-79