Lucene search
K

4 matches found

F5 Networks
F5 Networks
added 2022/12/22 11:20 p.m.30 views

K13838: XSS vulnerability CVE-2012-2975

Security Advisory Description A cross-site scripting XSS vulnerability exists on the BIG-IP ASM traffic overview page. Malicious request URLs may be exposed in the Configuration utility without proper sanitization. CVE-2012-2975 Impact Privileged root access may be granted to unauthenticated user...

4.3CVSS5.6AI score0.01513EPSS
Exploits1Affected Software1
seebug.org
seebug.org
added 2012/09/12 12:0 a.m.47 views

F5 BIG-IP ASM Traffic Overview页面跨站脚本执行漏洞

CVE ID: CVE-2012-2975 F5 BIG-IP产品可为企业提供集成的应用交付服务,如加速、安全、访问控制与高可用性。 F5 ASM设备10.0.0 - 11.2.0 HF2没有正确过滤发送到流量概要页面的某些输入,可被利用在受影响站点的用户浏览器会话中执行任意HTML和脚本代码。 0 F5 TMOS 11.x F5 TMOS 10.x 厂商补丁: F5 -- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://support.f5.com/kb/en-us/solutions/public/...

4.3CVSS6.4AI score0.01513EPSS
Exploits1
Cvelist
Cvelist
added 2012/09/11 6:0 p.m.40 views

CVE-2012-2975

Cross-site scripting XSS vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requests that are later listed on a summary page...

5.6AI score0.01513EPSS
Exploits1References2
CVE
CVE
added 2012/09/11 6:0 p.m.61 views

CVE-2012-2975

CVE-2012-2975 affects F5 BIG-IP ASM (traffic overview page). The vulnerability arises from inadequate input sanitization in the traffic overview interface, allowing an attacker to inject arbitrary HTML/JavaScript that may appear in the summary listings. Affected versions include BIG-IP ASM 10.0.0...

4.3CVSS5.7AI score0.01513EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder