3 matches found
K20606443: iControl REST CSRF vulnerability CVE-2020-5922
Security Advisory Description iControl REST does not implement cross-site request forgery CSRF protections for users applying basic authentication in a web browser. CVE-2020-5922 Impact In a successful exploit, an attacker can run JavaScript in the context of the currently logged-in user. For an...
CVE-2020-5922
CVE-2020-5922 affects F5 BIG-IP iControl REST: vulnerable when using Basic Authentication in a browser due to missing CSRF protections. Impact described as that an attacker could run malicious actions in the context of an authenticated user, with higher risk for admins who can access bash and pot...
F5 Networks BIG-IP : iControl REST CSRF vulnerability (K20606443)
The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.2 / 13.1.3.4 / 14.1.2.7 / 15.1.0.5 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K20606443 advisory. - In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3,...