BIG-IP Traffic Management User Interface Vulnerability

http://kirstincronn-mills.com/?feed=rss2 Overview :
Multiple vulnerabilities reported in BIG-IP Traffic Management User Interface
buy disulfiram implant Affected Product(s) :
  • BIG-IP versions 16.0.0  – 16.0.0.1
  • BIG-IP versions 15.0.0  – 15.1.0
  • BIG-IP versions 14.1.0  – 14.1.2
  • BIG-IP versions 13.1.0  – 13.1.3
  • BIG-IP versions 12.1.0  – 12.1.5
  • BIG-IP versions 11.6.1  – 11.6.5
Vulnerability Details :
CVE ID : CVE-2020-5948
On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.
CVE ID : CVE-2020-5949
On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.

Solution :

This vulnerability is currently rectified in latest versions.

 

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-48188 : OPARTDEVIS MODULE UP TO 4.5.18/4.6.12 ON PRESTASHOP GETMODULETRANSLATION SQL INJECTION

CVE-2023-48188 : OPARTDEVIS MODULE UP TO 4.5.18/4.6.12 ON PRESTASHOP GETMODULETRANSLATION SQL INJECTION

Description SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a

CVE-2023-5972 : LINUX KERNEL UP TO 6.6-RC6 NETLINK ATTRIBUTE NFT_INNER.C NULL POINTER DEREFERENCE

CVE-2023-5972 : LINUX KERNEL UP TO 6.6-RC6 NETLINK ATTRIBUTE NFT_INNER.C NULL POINTER DEREFERENCE

Description A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue

CVE-2023-6263 : NETWORK OPTIX NXCLOUD PRIOR 23.1.0.40440 VMS SERVER AUTHENTICATION SPOOFING

CVE-2023-6263 : NETWORK OPTIX NXCLOUD PRIOR 23.1.0.40440 VMS SERVER AUTHENTICATION SPOOFING

Description An issue was discovered in Network Optix NxCloud before 23.1.0.40440. It was possible to add a fake VMS server