Lucene search
F5CVELIST:CVE-2021-22978HistoryFeb 12, 2021 - 7:18 p.m.
CVE-2021-22978
2021-02-1219:18:12
f5
www.cve.org
5
big-ip
reflected xss
admin role
On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all 12.1.x and 11.6.x versions, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of BIG-IP if the victim user is granted the admin role. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
CNA Affected
[
{
"product": "BIG-IP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all 12.1.x and 11.6.x versions"
}
]
}
]References
Related
prion
prion
Cross site scripting
2021-02-12 20:15:00
nessus
nessus
F5 Networks BIG-IP : iControl REST vulnerability (K87502622)
2021-02-11 00:00:00
nvd
nvd
CVE-2021-22978
2021-02-12 20:15:13
cve
cve
CVE-2021-22978
2021-02-12 20:15:13
f5
f5
K87502622 : iControl REST vulnerability CVE-2021-22978
2021-02-10 00:00:00