Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2016-7469

UNKNOWN
Published 2017-06-09T15:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2016-7469. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

F5 Networks, Inc.

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe

Affected Versions:

12.0.0 - 12.1.2 11.4.0 - 11.6.1 11.2.1

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-j3wv-r8m8-mxcg

Advisory Details

A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2016-7469
WEB https://support.f5.com/csp/article/K97285349
WEB http://www.securityfocus.com/bid/95320
WEB http://www.securitytracker.com/id/1037559
WEB http://www.securitytracker.com/id/1037560

Advisory provided by GitHub Security Advisory Database. Published: May 14, 2022, Modified: May 14, 2022

References

https://support.f5.com/csp/article/K97285349
http://www.securitytracker.com/id/1037559
http://www.securityfocus.com/bid/95320
http://www.securitytracker.com/id/1037560
Published: 2017-06-09T15:00:00
Last Modified: 2024-08-06T01:57:47.636Z
Copied to clipboard!