
Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148

Description

F5 Product Development has assigned ID 388737 (BIG-IP) to these vulnerabilities, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H16949 on the **Diagnostics** > **Identified** > **Medium** screen.

To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:

Product | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature
---|---|---|---|---
BIG-IP LTM | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP AAM | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP AFM | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP Analytics | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP APM | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP ASM | 11.0.0 - 11.2.1<br>10.1.0 - 10.2.4 | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP Edge Gateway | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 | Medium | xmlparse.c
BIG-IP GTM | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP Link Controller | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP PEM | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP PSM | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 - 11.6.0 | Medium | xmlparse.c
BIG-IP WebAccelerator | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 | Medium | xmlparse.c
BIG-IP WOM | 11.0.0 - 11.2.1\*<br>10.1.0 - 10.2.4\* | 11.3.0 | Medium | xmlparse.c
ARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None
Enterprise Manager | None | 3.0.0 - 3.1.1<br>2.1.0 - 2.3.0 | Not vulnerable | None
FirePass | None | 7.0.0<br>6.0.0 - 6.1.0 | Not vulnerable | None
BIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None
BIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None
BIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None
BIG-IQ ADC | None | 4.5.0 | Not vulnerable | None
LineRate | None | 2.5.0 - 2.6.0 | Not vulnerable | None
F5 WebSafe | None | 1.0.0 | Not vulnerable | None
Traffix SDC | None | 4.0.0 - 4.4.0 | Not vulnerable | None

\* **Important**: Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable.

If you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.

Mitigation

BIG-IP ASM

When the BIG-IP ASM system is provisioned, the custom attack signature portion of the Web UI is vulnerable; this situation requires an administrative-level user to interface with the vulnerable component.

* [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)
* [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)
* [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)
* [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)

