7.5
CVSSv2

CVE-2012-3000

Published: 30/01/2014 Updated: 21/11/2024

Vulnerability Summary

Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x prior to 11.2.0-HF3 and 11.2.x prior to 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

f5 big-ip webaccelerator 11.0.0

f5 big-ip webaccelerator 11.1.0

f5 big-ip webaccelerator 11.2.0

f5 big-ip webaccelerator 11.2.1

f5 big-ip global traffic manager 11.0.0

f5 big-ip global traffic manager 11.1.0

f5 big-ip global traffic manager 11.2.0

f5 big-ip global traffic manager 11.2.1

f5 big-ip local traffic manager 11.0.0

f5 big-ip local traffic manager 11.1.0

f5 big-ip local traffic manager 11.2.0

f5 big-ip local traffic manager 11.2.1

f5 big-ip protocol security module 11.0.0

f5 big-ip protocol security module 11.1.0

f5 big-ip protocol security module 11.2.0

f5 big-ip protocol security module 11.2.1

f5 big-ip wan optimization manager 11.0.0

f5 big-ip wan optimization manager 11.1.0

f5 big-ip wan optimization manager 11.2.0

f5 big-ip wan optimization manager 11.2.1

f5 big-ip link controller 11.0.0

f5 big-ip link controller 11.1.0

f5 big-ip link controller 11.2.0

f5 big-ip link controller 11.2.1

f5 big-ip analytics 11.0.0

f5 big-ip analytics 11.1.0

f5 big-ip analytics 11.2.0

f5 big-ip analytics 11.2.1

f5 big-ip application security manager 11.0.0

f5 big-ip application security manager 11.1.0

f5 big-ip application security manager 11.2.0

f5 big-ip application security manager 11.2.1

f5 big-ip access policy manager 11.1.0

f5 big-ip access policy manager 11.2.0

f5 big-ip access policy manager 11.2.1

f5 big-ip access policy manager 11.0.0

f5 big-ip edge gateway 11.0.0

f5 big-ip edge gateway 11.1.0

f5 big-ip edge gateway 11.2.0

f5 big-ip edge gateway 11.2.1

Exploits

F5 BIG-IP versions 1120 and below suffer from a remote SQL injection vulnerability ...