Lucene search
F5CVELIST:CVE-2019-6599HistoryMar 11, 2019 - 12:00 a.m.
CVE-2019-6599
2019-03-1100:00:00
f5
www.cve.org
0.001 Low
EPSS
Percentile
36.2%
In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager 3.1.1, improper escaping of values in an undisclosed page of the configuration utility may result with an improper handling on the JSON response when it is injected by a malicious script via a remote cross-site scripting (XSS) attack.
CNA Affected
[
{
"product": "BIG-IP APM; Enterprise Manager",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "11.6.1-11.6.3.2, 11.5.1-11.5.8"
},
{
"status": "affected",
"version": "EM 3.1.1"
}
]
}
]Related
cve
cve
CVE-2019-6599
2019-03-13 22:29:00
nvd
nvd
CVE-2019-6599
2019-03-13 22:29:00
prion
prion
Cross site scripting
2019-03-13 22:29:00
nessus
nessus
F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K46401178)
2019-03-12 00:00:00
f5
f5
K46401178 : BIG-IP Configuration utility vulnerability CVE-2019-6599
2019-03-11 00:00:00