Design/Logic Flaw

2016-10-0316:09:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

Low

0.054 Low

EPSS

Percentile

93.2%

JSON

Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the system configuration, read system files, and possibly execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
big-ip_access_policy_managereq11.5.2
big-ip_access_policy_managereq11.5.0
big-ip_access_policy_managereq12.0.0
big-ip_access_policy_managereq11.5.1
big-ip_access_policy_managereq11.5.3
big-ip_access_policy_managereq12.1.0
big-ip_access_policy_managereq11.5.4
big-ip_access_policy_managereq11.6.1
big-ip_access_policy_managereq11.6.0
big-ip_advanced_firewall_managereq12.1.0

Name	Operator	Version
big-ip_access_policy_manager	eq	11.5.2
big-ip_access_policy_manager	eq	11.5.0
big-ip_access_policy_manager	eq	12.0.0
big-ip_access_policy_manager	eq	11.5.1
big-ip_access_policy_manager	eq	11.5.3
big-ip_access_policy_manager	eq	12.1.0
big-ip_access_policy_manager	eq	11.5.4
big-ip_access_policy_manager	eq	11.6.1
big-ip_access_policy_manager	eq	11.6.0
big-ip_advanced_firewall_manager	eq	12.1.0