Code injection

2019-07-0319:15:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.4%

JSON

On BIG-IP 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, Malformed http requests made to an undisclosed iControl REST endpoint can lead to infinite loop of the restjavad process.

CPENameOperatorVersion
big-ip_access_policy_managerge14.0.0
big-ip_access_policy_managerlt14.0.0.5
big-ip_access_policy_managerge14.1.0
big-ip_access_policy_managerlt14.1.0.6
big-ip_advanced_firewall_managerge14.0.0
big-ip_advanced_firewall_managerlt14.0.0.5
big-ip_advanced_firewall_managerge14.1.0
big-ip_advanced_firewall_managerlt14.1.0.6
big-ip_analyticsge14.0.0
big-ip_analyticslt14.0.0.5

Name	Operator	Version
big-ip_access_policy_manager	ge	14.0.0
big-ip_access_policy_manager	lt	14.0.0.5
big-ip_access_policy_manager	ge	14.1.0
big-ip_access_policy_manager	lt	14.1.0.6
big-ip_advanced_firewall_manager	ge	14.0.0
big-ip_advanced_firewall_manager	lt	14.0.0.5
big-ip_advanced_firewall_manager	ge	14.1.0
big-ip_advanced_firewall_manager	lt	14.1.0.6
big-ip_analytics	ge	14.0.0
big-ip_analytics	lt	14.0.0.5