XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/server.php in F5 BIG-IP 10.0.0 up to and including 10.2.4 and 11.0.0 up to and including 11.2.1 allows remote authenticated users to read arbitrary files via a crafted XML file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip configuration utility 10.0.0 |
||
f5 big-ip configuration utility 10.2.4 |
||
f5 big-ip configuration utility 11.0.0 |
||
f5 big-ip configuration utility 11.2.1 |