Sign-up

ID

VAR-201706-0138


CVE

CVE-2016-7469


TITLE

plural F5 Product Configuration Utility Device name change page vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2016-008670

DESCRIPTION

A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable. Multiple F5 BIG-IP Products are prone to an unspecified HTML-injection vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. F5 BIG-IP Analytics and others are products of F5 Corporation of the United States. F5 BIG-IP Analytics is a suite of web application performance analysis software. APM is a set of solutions that provide secure and unified access to business-critical applications and networks. LTM is a local traffic manager. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML

Trust: 1.98

sources: NVD: CVE-2016-7469 // JVNDB: JVNDB-2016-008670 // BID: 95320 // VULHUB: VHN-96289

AFFECTED PRODUCTS

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.2

Trust: 1.6

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.4.0

Trust: 1.6

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.4.1

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:12.1.1

Trust: 1.6

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.4

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:12.0.0

Trust: 1.6

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.3

Trust: 1.6

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.1

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:12.1.2

Trust: 1.6

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.0

Trust: 1.6

vendor:f5model:big-ip link controllerscope:eqversion:12.1.0

Trust: 1.3

vendor:f5model:big-ip link controllerscope:eqversion:11.5.4

Trust: 1.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.1

Trust: 1.3

vendor:f5model:big-ip link controllerscope:eqversion:11.5.1

Trust: 1.3

vendor:f5model:big-ip link controllerscope:eqversion:12.1.2

Trust: 1.3

vendor:f5model:big-ip link controllerscope:eqversion:11.6.1

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:11.5.1

Trust: 1.3

vendor:f5model:big-ip websafescope:eqversion:11.6.1

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:12.1.2

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:12.1.0

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:11.6.0

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:11.5.4

Trust: 1.3

vendor:f5model:big-ip link controllerscope:eqversion:11.5.3

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:11.5.3

Trust: 1.3

vendor:f5model:big-ip link controllerscope:eqversion:11.5.2

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:11.6.1

Trust: 1.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.1

Trust: 1.3

vendor:f5model:big-ip link controllerscope:eqversion:11.4.1

Trust: 1.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 1.3

vendor:f5model:big-ip link controllerscope:eqversion:12.1.1

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:12.1.1

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:11.5.2

Trust: 1.3

vendor:f5model:enterprise managerscope:eqversion:3.1.1

Trust: 1.3

vendor:f5model:big-ip analyticsscope:eqversion:11.4.1

Trust: 1.3

vendor:f5model:big-ip application security managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:12.1.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:12.1.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:12.1.2

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:12.1.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:12.1.2

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:12.1.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:12.1.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip advanced firewall managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip analyticsscope: - version: -

Trust: 0.8

vendor:f5model:big-ip application acceleration managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip application security managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip domain name systemscope: - version: -

Trust: 0.8

vendor:f5model:big-ip edge gatewayscope: - version: -

Trust: 0.8

vendor:f5model:big-ip global traffic managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip link controllerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip local traffic managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip policy enforcement managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip wan optimization managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip webacceleratorscope: - version: -

Trust: 0.8

vendor:f5model:big-ip websafescope: - version: -

Trust: 0.8

vendor:f5model:enterprise manager softwarescope: - version: -

Trust: 0.8

vendor:f5model:big-ip ltmscope:neversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:neversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:12.1.2

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:12.1.2

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:12.1.2

Trust: 0.3

vendor:f5model:big-ip apmscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip apmscope:neversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.5.3

Trust: 0.3

vendor:f5model:big-ip ltmscope:neversion:10.2.3

Trust: 0.3

vendor:f5model:big-ip asmscope:neversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.5.3

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.5.4

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:neversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:12.1.0

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.5.3

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.5.4

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.5.4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.5.0

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.5.3

Trust: 0.3

vendor:f5model:big-ip gtmscope:neversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.6

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:12.1.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip websafescope:eqversion:11.6

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:neversion:10.2.3

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip dnsscope:eqversion:12.1.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.5.2

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:neversion:10.2.3

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.5.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:12.1.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.5.4

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip websafescope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip dnsscope:eqversion:12.1.2

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.5.3

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.5.3

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.5.2

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.5.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip apmscope:neversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:neversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip apmscope:neversion:10.2.3

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:12.1.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip ltmscope:neversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip asmscope:neversion:10.2.3

Trust: 0.3

vendor:f5model:big-ip asmscope:neversion:10.2.40

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:neversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:12.1.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.5.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.5.4

Trust: 0.3

vendor:f5model:big-ip dnsscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:12.1.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.5.4

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:12.1.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:12.1.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip websafescope:eqversion:12.1

Trust: 0.3

vendor:f5model:big-ip dnsscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.4

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:12.1.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.3

Trust: 0.3

sources: BID: 95320 // JVNDB: JVNDB-2016-008670 // CNNVD: CNNVD-201701-165 // NVD: CVE-2016-7469

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7469
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-7469
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201701-165
value: MEDIUM

Trust: 0.6

VULHUB: VHN-96289
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2016-7469
severity: LOW
baseScore: 3.5
vectorString: AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.8
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-96289
severity: LOW
baseScore: 3.5
vectorString: AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.8
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-7469
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.3
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-96289 // JVNDB: JVNDB-2016-008670 // CNNVD: CNNVD-201701-165 // NVD: CVE-2016-7469

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-96289 // JVNDB: JVNDB-2016-008670 // NVD: CVE-2016-7469

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201701-165

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201701-165

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-008670

PATCH
title:K97285349: XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2016-7469url:https://support.f5.com/csp/article/K97285349
Trust: 0.8
title:F5 BIG-IP  and Enterprise Manager Fixes for code injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66889
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-008670 // 
            
            
            
            CNNVD: CNNVD-201701-165

EXTERNAL IDS
db:NVDid:CVE-2016-7469
Trust: 2.8
db:BIDid:95320
Trust: 2.0
db:SECTRACKid:1037559
Trust: 1.7
db:SECTRACKid:1037560
Trust: 1.7
db:JVNDBid:JVNDB-2016-008670
Trust: 0.8
db:CNNVDid:CNNVD-201701-165
Trust: 0.7
db:VULHUBid:VHN-96289
Trust: 0.1
sources:
            
            
            VULHUB: VHN-96289 // 
            
            
            
            BID: 95320 // 
            
            
            
            JVNDB: JVNDB-2016-008670 // 
            
            
            
            CNNVD: CNNVD-201701-165 // 
            
            
            
            NVD: CVE-2016-7469

REFERENCES
url:http://www.securityfocus.com/bid/95320
Trust: 2.3
url:https://support.f5.com/csp/article/k97285349
Trust: 1.7
url:http://www.securitytracker.com/id/1037559
Trust: 1.7
url:http://www.securitytracker.com/id/1037560
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7469
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2016-7469
Trust: 0.8
url:http://www.f5.com/products/big-ip/
Trust: 0.3
url:https://support.f5.com/csp/#/article/k97285349
Trust: 0.3
sources:
            
            
            VULHUB: VHN-96289 // 
            
            
            
            BID: 95320 // 
            
            
            
            JVNDB: JVNDB-2016-008670 // 
            
            
            
            CNNVD: CNNVD-201701-165 // 
            
            
            
            NVD: CVE-2016-7469

CREDITS
Mukhammad Khalilov of Help AG
Trust: 0.9
sources:
            
            
            BID: 95320 // 
            
            
            
            CNNVD: CNNVD-201701-165

SOURCES
db:VULHUBid:VHN-96289
db:BIDid:95320
db:JVNDBid:JVNDB-2016-008670
db:CNNVDid:CNNVD-201701-165
db:NVDid:CVE-2016-7469

LAST UPDATE DATE
2024-11-23T22:56:12.492000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-96289date:2019-06-06T00:00:00
db:BIDid:95320date:2017-03-16T00:02:00
db:JVNDBid:JVNDB-2016-008670date:2017-07-10T00:00:00
db:CNNVDid:CNNVD-201701-165date:2019-06-11T00:00:00
db:NVDid:CVE-2016-7469date:2024-11-21T02:58:04.063

SOURCES RELEASE DATE
db:VULHUBid:VHN-96289date:2017-06-09T00:00:00
db:BIDid:95320date:2017-01-04T00:00:00
db:JVNDBid:JVNDB-2016-008670date:2017-07-10T00:00:00
db:CNNVDid:CNNVD-201701-165date:2017-01-10T00:00:00
db:NVDid:CVE-2016-7469date:2017-06-09T15:29:00.180