Lucene search
F5CVELIST:CVE-2018-5548HistorySep 12, 2018 - 12:00 a.m.
CVE-2018-5548
2018-09-1200:00:00
f5
www.cve.org
1
0.001 Low
EPSS
Percentile
39.6%
On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for orig_uri parameter in an undisclosed /vdesk link of APM virtual server configured with an access profile, allowing a malicious user to build a redirect URI value using different blocks of cipher texts.
CNA Affected
[
{
"product": "BIG-IP APM",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "11.6.0-11.6.3"
}
]
}
]Related
nessus
nessus
F5 Networks BIG-IP : BIG-IP APM redirect vulnerability (K66171422)
2018-11-02 00:00:00
nvd
nvd
CVE-2018-5548
2018-09-13 14:29:00
f5
f5
K66171422 : BIG-IP APM redirect vulnerability CVE-2018-5548
2018-09-07 00:00:00
cve
cve
CVE-2018-5548
2018-09-13 14:29:00
prion
prion
Code injection
2018-09-13 14:29:00