Big-iq Centralized Management Security Vulnerabilities and Issues — Big-iq Centralized Management CVE List

Lucene search

F5Big-iq Centralized Management

3 matches found

CVE•added 2019/09/25 6:15 p.m.•49 views

CVE-2019-6651

In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.5.1-11.6.4, BIG-IQ 7.0.0, 6.0.0-6.1.0,5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, the Configuration utility login page may not follow best security practices when handling a malicious request.

5.3CVSS5.3AI score0.00403EPSS

CVE•added 2019/09/25 6:15 p.m.•40 views

CVE-2019-6653

There is a Stored Cross Site Scripting vulnerability in the undisclosed page of a BIG-IQ 6.0.0-6.1.0 or 5.2.0-5.4.0 system. The attack can be stored by users granted the Device Manager and Administrator roles.

5.4CVSS5.2AI score0.00247EPSS

CVE•added 2019/09/25 6:15 p.m.•39 views

CVE-2019-6652

In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any form of Transport Layer Security (TLS).

6.5CVSS6.6AI score0.00144EPSS