On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip application acceleration manager |
||
f5 big-ip application acceleration manager 11.2.1 |
||
f5 big-ip local traffic manager |
||
f5 big-ip local traffic manager 11.2.1 |
||
f5 big-ip advanced firewall manager 11.2.1 |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip analytics 11.2.1 |
||
f5 big-ip analytics |
||
f5 big-ip access policy manager 11.2.1 |
||
f5 big-ip access policy manager |
||
f5 big-ip application security manager |
||
f5 big-ip application security manager 11.2.1 |
||
f5 big-ip domain name system |
||
f5 big-ip domain name system 11.2.1 |
||
f5 big-ip edge gateway 11.2.1 |
||
f5 big-ip edge gateway |
||
f5 big-ip global traffic manager 11.2.1 |
||
f5 big-ip global traffic manager |
||
f5 big-ip link controller |
||
f5 big-ip link controller 11.2.1 |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip policy enforcement manager 11.2.1 |
||
f5 big-ip webaccelerator |
||
f5 big-ip webaccelerator 11.2.1 |
||
f5 big-ip websafe |
||
f5 big-ip websafe 11.2.1 |