CVE-2016-7469

🗓️ 09 Jun 2017 15:00:00Reported by f5Type

A stored cross-site scripting (XSS) vulnerability in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows injection of arbitrary web script or HTML and could lead to unstable Configuration utility

Reporter	Title	Published	Views	Family All 9
CNVD	Multiple F5 BIG-IP Product HTML Injection Vulnerabilities	11 Jan 201700:00	–	cnvd
CVE	CVE-2016-7469	9 Jun 201715:00	–	cve
EUVD	EUVD-2016-8322	7 Oct 202500:30	–	euvd
F5 Networks	K97285349: XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2016-7469	21 Feb 202318:35	–	f5
Tenable Nessus	F5 Networks BIG-IP : XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities (K97285349)	5 Jan 201700:00	–	nessus
NVD	CVE-2016-7469	9 Jun 201715:29	–	nvd
OpenVAS	F5 BIG-IP - XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2016-7469	10 Jan 201700:00	–	openvas
OSV	CVE-2016-7469	9 Jun 201715:29	–	osv
Prion	Cross site scripting	9 Jun 201715:29	–	prion

[
  {
    "product": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe",
    "vendor": "F5 Networks, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "12.0.0 - 12.1.2"
      },
      {
        "status": "affected",
        "version": "11.4.0 - 11.6.1"
      },
      {
        "status": "affected",
        "version": "11.2.1"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1037560
securitytracker	www.securitytracker.com/id/1037559
securityfocus	www.securityfocus.com/bid/95320
support	www.support.f5.com/csp/article/K97285349

26 Jul 2017 09:57Current

5.2Medium risk

Vulners AI Score5.2

EPSS0.00269