K48382137: Bootstrap vulnerability CVE-2018-14040

🗓️ 21 Feb 2023 18:47:36Reported by f5Type

f5🔗 my.f5.com👁 359 Views

Bootstrap vulnerability CVE-2018-14040, XSS attack possibl

Reporter	Title	Published	Views	Family All 157
IBM Security Bulletins	Security Bulletin: There are several vulnerabilities in Bootstrap used by IBM Maximo Asset Management	4 Apr 202316:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities found on thirdparty libraries used by IBM® MobileFirst Platform	26 Mar 202503:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in bootstrap.js may affect IBM Business Automation Workflow	5 Jun 202320:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Governance	11 Jan 202416:41	–	ibm
IBM Security Bulletins	Security Bulletin: User Behavior Analytics application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	20 Nov 202413:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203	24 Apr 202314:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Ceph is vulnerable to Cross-site Scripting in Ceph (CVE-2018-20677, CVE-2018-20676, CVE-2019-8331, CVE-2018-14042, CVE-2018-14040, CVE-2016-10735)	5 Aug 202420:00	–	ibm
IBM Security Bulletins	Security Bulletin: API Connect V5 is impacted by vulnerabilities in Bootstrap (CVE-2018-14040 CVE-2018-14041 CVE-2018-14042)	23 Apr 201918:00	–	ibm
IBM Security Bulletins	Security Bulletin:Vulnerabiilties in swagger-ui and Bootstrap affect watsonx.data	27 Feb 202513:28	–	ibm
IBM Security Bulletins	Security Bulletin: Cross-Site Scripting (XSS) Vulnerability in data-target Attribute Handling in Bootstrap, affects watsonx.data	7 Apr 202611:00	–	ibm

Vulners

Node

f5 big-ip_advanced_wafRange17.0.0–17.1.0

OR

f5 big-ip_asmRange17.0.0–17.1.0

OR

f5 big-ip_advanced_wafRange16.1.0–16.1.3

OR

f5 big-ip_asmRange16.1.0–16.1.3

OR

f5 big-ip_advanced_wafRange15.1.0–15.1.8

OR

f5 big-ip_asmRange15.1.0–15.1.8

OR

f5 big-ip_advanced_wafRange14.1.0–14.1.5

OR

f5 big-ip_asmRange14.1.0–14.1.5

OR

f5 big-ip_advanced_wafRange13.1.0–13.1.5

OR

f5 big-ip_asmRange13.1.0–13.1.5

OR

f5 big-ip_advanced_wafRange12.1.0–12.1.6

OR

f5 big-ip_asmRange12.1.0–12.1.6

OR

f5 big-ip_aamRange<15.1.0

OR

f5 big-ip_afmRange<15.1.0

OR

f5 big-ip_analyticsRange<15.1.0

OR

f5 big-ip_apmRange<15.1.0

OR

f5 big-ip_asmRange<15.1.0

OR

f5 big-ip_ddos_hybrid_defenderRange<15.1.0

OR

f5 big-ip_dnsRange<15.1.0

OR

f5 big-ip_fpsRange<15.1.0

OR

f5 big-ip_gtmRange<15.1.0

OR

f5 big-ip_link_controllerRange<15.1.0

OR

f5 big-ip_ltmRange<15.1.0

OR

f5 big-ip_pemRange<15.1.0

OR

f5 big-ip_ssl_orchestratorRange<15.1.0

OR

f5 big-ip_aamRange14.1.0–14.1.2

OR

f5 big-ip_afmRange14.1.0–14.1.2

OR

f5 big-ip_analyticsRange14.1.0–14.1.2

OR

f5 big-ip_apmRange14.1.0–14.1.2

OR

f5 big-ip_asmRange14.1.0–14.1.2

OR

f5 big-ip_ddos_hybrid_defenderRange14.1.0–14.1.2

OR

f5 big-ip_dnsRange14.1.0–14.1.2

OR

f5 big-ip_fpsRange14.1.0–14.1.2

OR

f5 big-ip_gtmRange14.1.0–14.1.2

OR

f5 big-ip_link_controllerRange14.1.0–14.1.2

OR

f5 big-ip_ltmRange14.1.0–14.1.2

OR

f5 big-ip_pemRange14.1.0–14.1.2

OR

f5 big-ip_ssl_orchestratorRange14.1.0–14.1.2

OR

f5 big-ip_aamRange13.1.0–13.1.3

OR

f5 big-ip_afmRange13.1.0–13.1.3

OR

f5 big-ip_analyticsRange13.1.0–13.1.3

OR

f5 big-ip_apmRange13.1.0–13.1.3

OR

f5 big-ip_asmRange13.1.0–13.1.3

OR

f5 big-ip_ddos_hybrid_defenderRange13.1.0–13.1.3

OR

f5 big-ip_dnsRange13.1.0–13.1.3

OR

f5 big-ip_fpsRange13.1.0–13.1.3

OR

f5 big-ip_gtmRange13.1.0–13.1.3

OR

f5 big-ip_link_controllerRange13.1.0–13.1.3

OR

f5 big-ip_ltmRange13.1.0–13.1.3

OR

f5 big-ip_pemRange13.1.0–13.1.3

OR

f5 big-ip_ssl_orchestratorRange13.1.0–13.1.3

OR

f5 big-ip_aamRange12.1.0–12.1.5

OR

f5 big-ip_afmRange12.1.0–12.1.5

OR

f5 big-ip_analyticsRange12.1.0–12.1.5

OR

f5 big-ip_apmRange12.1.0–12.1.5

OR

f5 big-ip_asmRange12.1.0–12.1.5

OR

f5 big-ip_ddos_hybrid_defenderRange12.1.0–12.1.5

OR

f5 big-ip_dnsRange12.1.0–12.1.5

OR

f5 big-ip_fpsRange12.1.0–12.1.5

OR

f5 big-ip_gtmRange12.1.0–12.1.5

OR

f5 big-ip_link_controllerRange12.1.0–12.1.5

OR

f5 big-ip_ltmRange12.1.0–12.1.5

OR

f5 big-ip_pemRange12.1.0–12.1.5

OR

f5 big-ip_ssl_orchestratorRange12.1.0–12.1.5

OR

f5 traffix_sdcMatch5.2.0

OR

f5 traffix_sdcMatch5.1.0

28 Apr 2023 03:14Current

6.6Medium risk

Vulners AI Score6.6

CVSS 24.3

CVSS 36.1

EPSS0.0192

bootstrap cve-2018-14040 xss attack