cvelist | F5 | CVELIST:CVE-2019-6600
History: Mar 11, 2019 - 12:00 a.m.

CVE-2019-6600

2019-03-11 00:00:00
f5
www.cve.org

EPSS: 0.001 Low
Percentile: 43.9%

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when remote authentication is enabled for administrative users and all external users are granted the “guest” role, unsanitized values can be reflected to the client via the login page. This can lead to a cross-site scripting attack against unauthenticated clients.

CNA Affected

[
  {
    "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
    "vendor": "F5 Networks, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, 11.5.1-11.5.8"
      }
    ]
  }
]
