Lucene search
F5F5:K31301245HistoryJul 01, 2020 - 12:00 a.m.
K31301245 : TMUI CSRF vulnerability CVE-2020-5904
2020-07-0100:00:00
my.f5.com
43
Security Advisory Description
A cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page. (CVE-2020-5904)
Impact
An attacker may be able to use the session of an administrator user to execute TMOS Shell (tmsh) commands on the BIG-IP system. This vulnerability affects only the control plane, and an administrator user must be logged in for the exploit to be possible.
Related
nessus
nessus
F5 Networks BIG-IP : BIG-IP TMUI XSS vulnerability (K43638305)
2020-07-01 00:00:00
F5 Networks BIG-IP : TMUI CSRF vulnerability (K31301245)
2020-07-01 00:00:00
prion
prion
Cross site scripting
2020-07-01 15:15:00
Cross site request forgery (csrf)
2020-07-01 15:15:00
f5
f5
K43638305 : BIG-IP TMUI XSS vulnerability CVE-2020-5903
2020-07-01 00:00:00
cve
cve
CVE-2020-5903
2020-07-01 15:15:15
CVE-2020-5904
2020-07-01 15:15:15
nvd
nvd
CVE-2020-5903
2020-07-01 15:15:15
CVE-2020-5904
2020-07-01 15:15:15
ptsecurity
ptsecurity
cvelist
cvelist
CVE-2020-5903
2020-07-01 14:42:00
CVE-2020-5904
2020-07-01 14:39:30
qualysblog
qualysblog
F5 BIG-IP Remote Code Execution Vulnerability (CVE-2020-5902)
2020-07-06 23:09:52
thn
thn
Critical RCE Flaw Affects F5 BIG-IP Application Security Servers
2020-07-04 14:20:00
cert
cert
trendmicroblog
trendmicroblog
threatpost
threatpost
Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover
2020-07-17 20:59:33
Admins Urged to Patch Critical F5 Flaw Under Active Attack
2020-07-06 19:06:20