Server side request forgery (ssrf)

2019-03-2821:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

50.9%

JSON

In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow best security practices when handling a malicious request.

CPENameOperatorVersion
big-ip_access_policy_managerge11.6.1
big-ip_access_policy_managerle11.6.3
big-ip_access_policy_managerge11.5.1
big-ip_access_policy_managerle11.5.8
big-ip_advanced_firewall_managerge11.6.1
big-ip_advanced_firewall_managerle11.6.3
big-ip_advanced_firewall_managerge11.5.1
big-ip_advanced_firewall_managerle11.5.8
big-ip_analyticsge11.6.1
big-ip_analyticsle11.6.3

Name	Operator	Version
big-ip_access_policy_manager	ge	11.6.1
big-ip_access_policy_manager	le	11.6.3
big-ip_access_policy_manager	ge	11.5.1
big-ip_access_policy_manager	le	11.5.8
big-ip_advanced_firewall_manager	ge	11.6.1
big-ip_advanced_firewall_manager	le	11.6.3
big-ip_advanced_firewall_manager	ge	11.5.1
big-ip_advanced_firewall_manager	le	11.5.8
big-ip_analytics	ge	11.6.1
big-ip_analytics	le	11.6.3

Rows per page:

1-10 of 521

References

www.securityfocus.com/bid/107626

support.f5.com/csp/article/K11818407

0.001 Low

EPSS

Percentile

50.9%

JSON

Related for PRION:CVE-2019-6602