Big-ip Advanced Firewall Manager@14.1.2.5 Security Vulnerabilities and Issues — Big-ip Advanced Firewall Manager@14.1.2.5 CVE List

Lucene search

F5Big-ip Advanced Firewall Manager14.1.2.5

2 matches found

CVE•added 2020/07/01 3:15 p.m.•62 views

CVE-2020-5904

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page.

8.8CVSS8.6AI score0.00279EPSS

CVE•added 2020/11/05 8:15 p.m.•43 views

CVE-2020-5943

In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed through the REST interface, the protected fields are obfuscated in the REST response, not protected via a SecureVault cryptogram as TMSH does. One example of protected fields is the GTM monitor password.

6.5CVSS6.4AI score0.00154EPSS