Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 up to and including 10.2.4 and 11.0.0 up to and including 11.3.0, FirePass 6.0.0 up to and including 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote malicious users to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip advanced firewall manager 11.3.0 |
||
f5 big-ip policy enforcement manager 11.3.0 |
||
f5 firepass 7.0.0 |
||
f5 big-ip access policy manager |
||
f5 big-ip edge gateway |
||
f5 big-ip webaccelerator |
||
f5 big-ip wan optimization manager |
||
f5 firepass |
||
f5 big-ip link controller |
||
f5 big-ip global traffic manager |
||
f5 big-ip protocol security module |
||
f5 big-ip local traffic manager |
||
f5 big-ip application security manager |
||
f5 big-ip analytics |