K21540525 : F5 TMUI XSS vulnerability CVE-2020-5945

Security Advisory Description

Undisclosed TMUI page contains a stored cross site scripting vulnerability (XSS). The issue allows a minor privilege escalation for resource admin to escalate to full admin. (CVE-2020-5945)

Impact

A malicious, authenticated user with Resource Administrator privileges may be able to exploit this vulnerability to escalate their role to full Administrator privileges and execute system commands. This vulnerability is located in an undisclosed Configuration utility (TMUI) page.