K8599 : XSS vulnerability viewing logs from the Console section of the web management interface

Security Advisory Description

Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5 security vulnerability response policy.

F5 products and versions that have been evaluated for this Security Advisory

A cross-site scripting (XSS) vulnerability in the Console feature of the BIG-IP and Enterprise Manager web management interface may allow for script execution when viewing a log file that contains malicious content. Exploitation of this vulnerability would require an attacker to generate a log entry that contains an embedded script. The embedded script could then be executed if an authenticated web management interface user viewed the log file using the Console feature.

To prevent exposure to this vulnerability do not view log files using the Console feature of the BIG-IP or Enterprise Manager web management interface. To view log files from the command line, access the device using an SSH client.

Note: Because exploitation of this vulnerability requires an authenticated user, F5 considers this to be a local vulnerability.

F5 Product Development tracked this issue as CR96889, and it was fixed in BIG-IP 10.0.0 and Enterprise Manger 1.8.0. For information about upgrading, refer to the BIG-IP LTM, GTM, ASM, PSM, Link Controller, WebAccelerator or Enterprise Manager release notes.

Information about this advisory is available at the following locations:

• <https://www.securityfocus.com/archive/1/489290&gt;
• <https://vulners.com/cve/CVE-2008-7032&gt;