A cross-site scripting (XSS) vulnerability in the Console feature of the BIG-IP and Enterprise Manager web management interface may allow for script excecution when viewing a log file that contains malicious content. Exploitation of this vulnerability would require an attacker to generate a log entry that contains an embedded script. The embedded script could then be executed if an authenticated web management interface user viewed the log file using the Console feature.
To prevent exposure to this vulnerability do not view log files using the Console feature of the BIG-IP or Enterprise Manager web management interface. To view log files from the command line, access the device using an SSH client.
Note: Because exploitation of this vulnerability requires an authenticated user, F5 considers this to be a local vulnerability.
F5 Product Development tracked this issue as CR96889, and it was fixed in BIG-IP 10.0.0 and Enterprise Manger 1.8.0. For information about upgrading, refer to the BIG-IP LTM, GTM, ASM, PSM, Link Controller, WebAccelerator or Enterprise Manager release notes.
Information about this advisory is available at the following locations: