4 matches found
K13838: XSS vulnerability CVE-2012-2975
Security Advisory Description A cross-site scripting XSS vulnerability exists on the BIG-IP ASM traffic overview page. Malicious request URLs may be exposed in the Configuration utility without proper sanitization. CVE-2012-2975 Impact Privileged root access may be granted to unauthenticated user...
F5 BIG-IP ASM Traffic Overview页面跨站脚本执行漏洞
CVE ID: CVE-2012-2975 F5 BIG-IP产品可为企业提供集成的应用交付服务,如加速、安全、访问控制与高可用性。 F5 ASM设备10.0.0 - 11.2.0 HF2没有正确过滤发送到流量概要页面的某些输入,可被利用在受影响站点的用户浏览器会话中执行任意HTML和脚本代码。 0 F5 TMOS 11.x F5 TMOS 10.x 厂商补丁: F5 -- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://support.f5.com/kb/en-us/solutions/public/...
CVE-2012-2975
Cross-site scripting XSS vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requests that are later listed on a summary page...
CVE-2012-2975
CVE-2012-2975 affects F5 BIG-IP ASM (traffic overview page). The vulnerability arises from inadequate input sanitization in the traffic overview interface, allowing an attacker to inject arbitrary HTML/JavaScript that may appear in the summary listings. Affected versions include BIG-IP ASM 10.0.0...