Command injection

2018-12-2020:29:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.8%

JSON

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.

CPENameOperatorVersion
big-ip_access_policy_managerge13.0.0
big-ip_access_policy_managerle13.1.1.1
big-ip_access_policy_managerge14.0.0
big-ip_access_policy_managerle14.0.0.2
big-ip_access_policy_managerge12.1.0
big-ip_access_policy_managerle12.1.3.7
big-ip_advanced_firewall_managerge13.0.0
big-ip_advanced_firewall_managerle13.1.1.1
big-ip_advanced_firewall_managerge14.0.0
big-ip_advanced_firewall_managerle14.0.0.2

Name	Operator	Version
big-ip_access_policy_manager	ge	13.0.0
big-ip_access_policy_manager	le	13.1.1.1
big-ip_access_policy_manager	ge	14.0.0
big-ip_access_policy_manager	le	14.0.0.2
big-ip_access_policy_manager	ge	12.1.0
big-ip_access_policy_manager	le	12.1.3.7
big-ip_advanced_firewall_manager	ge	13.0.0
big-ip_advanced_firewall_manager	le	13.1.1.1
big-ip_advanced_firewall_manager	ge	14.0.0
big-ip_advanced_firewall_manager	le	14.0.0.2

Rows per page:

1-10 of 791

References

support.f5.com/csp/article/K61620494