Lucene search

[email protected]NVD:CVE-2013-0150

HistoryAug 09, 2013 - 8:56 p.m.

CVE-2013-0150

2013-08-0920:56:06

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.017

Percentile

88.2%

JSON

Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products “when APM is provisioned,” allows remote attackers to upload and execute arbitrary files via a … (dot dot) in the filename parameter.

Affected configurations

Nvd

Node

f5big-ip_access_policy_managerRange10.1.0–10.2.4

f5big-ip_access_policy_managerRange11.0.0–11.3.0

f5big-ip_advanced_firewall_managerMatch11.3.0

f5big-ip_analyticsRange11.0.0–11.3.0

f5big-ip_application_security_managerRange10.1.0–10.2.4

f5big-ip_application_security_managerRange11.0.0–11.3.0

f5big-ip_edge_gatewayRange10.1.0–10.2.4

f5big-ip_edge_gatewayRange11.0.0–11.3.0

f5big-ip_global_traffic_managerRange10.1.0–10.2.4

f5big-ip_global_traffic_managerRange11.0.0–11.3.0

f5big-ip_link_controllerRange10.1.0–10.2.4

f5big-ip_link_controllerRange11.0.0–11.3.0

f5big-ip_local_traffic_managerRange10.1.0–10.2.4

f5big-ip_local_traffic_managerRange11.0.0–11.3.0

f5big-ip_policy_enforcement_managerMatch11.3.0

f5big-ip_protocol_security_moduleRange10.1.0–10.2.4

f5big-ip_protocol_security_moduleRange11.0.0–11.3.0

f5big-ip_wan_optimization_managerRange10.1.0–10.2.4

f5big-ip_wan_optimization_managerRange11.0.0–11.3.0

f5big-ip_webacceleratorRange10.1.0–10.2.4

f5big-ip_webacceleratorRange11.0.0–11.3.0

f5firepassRange6.0.0–6.1.0

f5firepassMatch7.0.0

VendorProductVersionCPE
f5big-ip_access_policy_manager*cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
f5big-ip_advanced_firewall_manager11.3.0cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*
f5big-ip_analytics*cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
f5big-ip_application_security_manager*cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
f5big-ip_edge_gateway*cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
f5big-ip_global_traffic_manager*cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
f5big-ip_link_controller*cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
f5big-ip_local_traffic_manager*cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
f5big-ip_policy_enforcement_manager11.3.0cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*
f5big-ip_protocol_security_module*cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
f5	big-ip_access_policy_manager	*	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
f5	big-ip_advanced_firewall_manager	11.3.0	cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:::::::*
f5	big-ip_analytics	*	cpe:2.3:a:f5:big-ip_analytics::::::::
f5	big-ip_application_security_manager	*	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
f5	big-ip_edge_gateway	*	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
f5	big-ip_global_traffic_manager	*	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
f5	big-ip_link_controller	*	cpe:2.3:a:f5:big-ip_link_controller::::::::
f5	big-ip_local_traffic_manager	*	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
f5	big-ip_policy_enforcement_manager	11.3.0	cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:::::::*
f5	big-ip_protocol_security_module	*	cpe:2.3:a:f5:big-ip_protocol_security_module::::::::