Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K87502622
HistoryFeb 10, 2021 - 12:00 a.m.

K87502622 : iControl REST vulnerability CVE-2021-22978

2021-02-1000:00:00
my.f5.com
11
icontrol rest
reflected xss
admin role compromise
big-ip
phishing attack

AI Score

7.8

Confidence

High

EPSS

0.002

Percentile

57.1%

JSON

Security Advisory Description

Undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of BIG-IP if the victim user is granted the admin role. (CVE-2021-22978)

Impact

An attacker may exploit this vulnerability using a crafted URL to a reflected cross-site scripting (XSS) attack in an undisclosed page of the Configuration utility. This vulnerability is most likely to take the form of a phishing attack.

Related

prion 1
cvelist 1
nessus 1
nvd 1
cve 1
prion
prion
Cross site scripting
2021-02-12 20:15:00
cvelist
cvelist
CVE-2021-22978
2021-02-12 19:18:12
nessus
nessus
F5 Networks BIG-IP : iControl REST vulnerability (K87502622)
2021-02-11 00:00:00
nvd
nvd
CVE-2021-22978
2021-02-12 20:15:13
cve
cve
CVE-2021-22978
2021-02-12 20:15:13

AI Score

7.8

Confidence

High

EPSS

0.002

Percentile

57.1%

JSON
Related for F5:K87502622
prion1cvelist1nessus1nvd1cve1