Lucene search
PRIOn knowledge basePRION:CVE-2021-22994HistoryMar 31, 2021 - 6:15 p.m.
Cross site scripting
2021-03-3118:15:00
PRIOn knowledge base
www.prio-n.com
6
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role. This vulnerability is due to an incomplete fix for CVE-2020-5948. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
References
Related
nvd
nvd
CVE-2021-22994
2021-03-31 18:15:14
CVE-2020-5948
2020-12-11 19:15:13
cvelist
cvelist
CVE-2021-22994
2021-03-31 17:25:07
CVE-2020-5948
2020-12-11 18:56:29
cve
cve
CVE-2021-22994
2021-03-31 18:15:14
CVE-2020-5948
2020-12-11 19:15:13
nessus
nessus
F5 Networks BIG-IP : F5 TMUI XSS vulnerability (K66851119)
2021-03-10 00:00:00
F5 Networks BIG-IP : F5 TMUI XSS vulnerability (K42696541)
2020-12-11 00:00:00
f5
f5
K66851119 : F5 TMUI XSS vulnerability CVE-2021-22994
2021-03-10 00:00:00
K42696541 : F5 TMUI XSS vulnerability CVE-2020-5948
2020-12-11 00:00:00
K02566623 : Overview of F5 vulnerabilities (March 2021)
2021-03-10 00:00:00
prion
prion
Cross site scripting
2020-12-11 19:15:00
attackerkb
attackerkb
CVE-2020-5948 — F5 TMUI XSS vulnerability
2020-12-11 00:00:00
rapid7blog
rapid7blog