2019-02-14 01:29:00 2019-02-14 17:27:01

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP configuration utility.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE
F5 Big-IP Access Policy Manager (APM) 11.6.0 F5 Big-ip access policy manager 11.6.1 (not an official CPE) F5 Big-ip access policy manager 11.6.2 (not an official CPE) F5 Big-ip access policy manager 11.6.3 (not an official CPE) F5 Big-ip access policy manager 11.6.3.1 (not an official CPE) F5 Big-ip access policy manager 12.1.0 (not an official CPE) F5 Big-ip access policy manager 12.1.1 (not an official CPE) F5 Big-ip access policy manager 12.1.2 (not an official CPE) F5 Big-ip access policy manager 12.1.3 (not an official CPE) F5 Big-ip access policy manager 12.1.3.1 (not an official CPE) F5 Big-ip access policy manager 12.1.3.2 (not an official CPE) F5 Big-ip access policy manager 12.1.3.3 (not an official CPE) F5 Big-ip access policy manager 12.1.3.4 (not an official CPE) F5 Big-ip access policy manager 12.1.3.5 (not an official CPE) F5 Big-ip access policy manager 12.1.3.6 (not an official CPE) F5 Big-ip access policy manager 12.1.3.7 (not an official CPE) F5 Big-ip access policy manager 13.0.0 (not an official CPE) F5 Big-ip access policy manager 13.0.1 (not an official CPE) F5 Big-ip access policy manager 13.1.0 (not an official CPE) F5 Big-ip access policy manager 13.1.0.1 (not an official CPE) F5 Big-ip access policy manager 13.1.0.2 (not an official CPE) F5 Big-ip access policy manager 13.1.0.3 (not an official CPE) F5 Big-ip access policy manager 13.1.0.4 (not an official CPE) F5 Big-ip access policy manager 13.1.0.5 (not an official CPE) F5 Big-ip access policy manager 13.1.0.6 (not an official CPE) F5 Big-ip access policy manager 13.1.0.7 (not an official CPE) F5 Big-ip access policy manager 13.1.0.8 (not an official CPE) F5 Big-ip access policy manager 13.1.1 (not an official CPE) F5 Big-ip access policy manager 14.0.0 (not an official CPE) F5 Big-ip advanced firewall manager 11.6.0 (not an official CPE) F5 Big-ip advanced firewall manager 11.6.1 (not an official CPE) F5 Big-ip advanced firewall manager 11.6.2 (not an official CPE) F5 Big-ip advanced firewall manager 11.6.3 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.0 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.1 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.2 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.3 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.3.6 (not an official CPE) F5 Big-ip advanced firewall manager 13.0.0 (not an official CPE) F5 Big-ip advanced firewall manager 13.0.1 (not an official CPE) F5 Big-ip advanced firewall manager 13.1.0 (not an official CPE) F5 Big-ip advanced firewall manager 13.1.1 (not an official CPE) F5 Big-ip advanced firewall manager 13.1.1.1 (not an official CPE) F5 Big-ip advanced firewall manager 14.0.0 (not an official CPE) F5 Big-ip analytics 11.6.0 (not an official CPE) F5 Big-ip analytics 11.6.1 (not an official CPE) F5 Big-ip analytics 11.6.2 (not an official CPE) F5 Big-ip analytics 11.6.3 (not an official CPE) F5 Big-ip analytics 12.1.0 (not an official CPE) F5 Big-ip analytics 12.1.1 (not an official CPE) F5 Big-ip analytics 12.1.2 (not an official CPE) F5 Big-ip analytics 12.1.3 (not an official CPE) F5 Big-ip analytics 13.0.0 (not an official CPE) F5 Big-ip analytics 13.0.1 (not an official CPE) F5 Big-ip analytics 13.1.0 (not an official CPE) F5 Big-ip analytics 13.1.1 (not an official CPE) F5 Big-ip analytics 14.0.0 (not an official CPE) F5 Big-ip application acceleration manager 11.6.0 (not an official CPE) F5 Big-ip application acceleration manager 11.6.1 (not an official CPE) F5 Big-ip application acceleration manager 11.6.2 (not an official CPE) F5 Big-ip application acceleration manager 11.6.3 (not an official CPE) F5 Big-ip application acceleration manager 12.1.0 (not an official CPE) F5 Big-ip application acceleration manager 12.1.1 (not an official CPE) F5 Big-ip application acceleration manager 12.1.2 (not an official CPE) F5 Big-ip application acceleration manager 12.1.3 (not an official CPE) F5 Big-ip application acceleration manager 13.0.0 (not an official CPE) F5 Big-ip application acceleration manager 13.0.1 (not an official CPE) F5 Big-ip application acceleration manager 13.1.0 (not an official CPE) F5 Big-ip application acceleration manager 13.1.1 (not an official CPE) F5 Big-ip application acceleration manager 14.0.0 (not an official CPE) F5 Big-ip application security manager 11.6.0 (not an official CPE) F5 Big-ip application security manager 11.6.1 (not an official CPE) F5 Big-ip application security manager 11.6.2 (not an official CPE) F5 Big-ip application security manager 11.6.3 (not an official CPE) F5 Big-ip application security manager 12.1.0 (not an official CPE) F5 Big-ip application security manager 12.1.1 (not an official CPE) F5 Big-ip application security manager 12.1.2 (not an official CPE) F5 Big-ip application security manager 12.1.3 (not an official CPE) F5 Big-ip application security manager 13.0.0 (not an official CPE) F5 Big-ip application security manager 13.0.1 (not an official CPE) F5 Big-ip application security manager 13.1.0 (not an official CPE) F5 Big-ip application security manager 13.1.1 (not an official CPE) F5 Big-ip application security manager 14.0.0 (not an official CPE) F5 Big-ip domain name system 11.6.0 (not an official CPE) F5 Big-ip domain name system 11.6.1 (not an official CPE) F5 Big-ip domain name system 11.6.2 (not an official CPE) F5 Big-ip domain name system 11.6.3 (not an official CPE) F5 Big-ip domain name system 12.1.0 (not an official CPE) F5 Big-ip domain name system 12.1.1 (not an official CPE) F5 Big-ip domain name system 12.1.2 (not an official CPE) F5 Big-ip domain name system 12.1.3 (not an official CPE) F5 Big-ip domain name system 13.0.0 (not an official CPE) F5 Big-ip domain name system 13.0.1 (not an official CPE) F5 Big-ip domain name system 13.1.0 (not an official CPE) F5 Big-ip domain name system 13.1.1 (not an official CPE) F5 Big-ip domain name system 14.0.0 (not an official CPE) F5 Big-ip edge gateway 11.6.0 (not an official CPE) F5 Big-ip edge gateway 11.6.1 (not an official CPE) F5 Big-ip edge gateway 11.6.2 (not an official CPE) F5 Big-ip edge gateway 11.6.3 (not an official CPE) F5 Big-ip edge gateway 12.1.0 (not an official CPE) F5 Big-ip edge gateway 12.1.1 (not an official CPE) F5 Big-ip edge gateway 12.1.2 (not an official CPE) F5 Big-ip edge gateway 12.1.3 (not an official CPE) F5 Big-ip edge gateway 13.0.0 (not an official CPE) F5 Big-ip edge gateway 13.0.1 (not an official CPE) F5 Big-ip edge gateway 13.1.0 (not an official CPE) F5 Big-ip edge gateway 13.1.1 (not an official CPE) F5 Big-ip edge gateway 14.0.0 (not an official CPE) F5 Big-ip fraud protection service 11.6.0 (not an official CPE) F5 Big-ip fraud protection service 11.6.1 (not an official CPE) F5 Big-ip fraud protection service 11.6.2 (not an official CPE) F5 Big-ip fraud protection service 11.6.3 (not an official CPE) F5 Big-ip fraud protection service 12.1.0 (not an official CPE) F5 Big-ip fraud protection service 12.1.1 (not an official CPE) F5 Big-ip fraud protection service 12.1.2 (not an official CPE) F5 Big-ip fraud protection service 12.1.3 (not an official CPE) F5 Big-ip fraud protection service 13.0.0 (not an official CPE) F5 Big-ip fraud protection service 13.0.1 (not an official CPE) F5 Big-ip fraud protection service 13.1.0 (not an official CPE) F5 Big-ip fraud protection service 13.1.1 (not an official CPE) F5 Big-ip fraud protection service 14.0.0 (not an official CPE) F5 Big-ip global traffic manager 11.6.0 (not an official CPE) F5 Big-ip global traffic manager 11.6.1 (not an official CPE) F5 Big-ip global traffic manager 11.6.2 (not an official CPE) F5 Big-ip global traffic manager 11.6.3 (not an official CPE) F5 Big-ip global traffic manager 12.1.0 (not an official CPE) F5 Big-ip global traffic manager 12.1.1 (not an official CPE) F5 Big-ip global traffic manager 12.1.2 (not an official CPE) F5 Big-ip global traffic manager 12.1.3 (not an official CPE) F5 Big-ip global traffic manager 13.0.0 (not an official CPE) F5 Big-ip global traffic manager 13.0.1 (not an official CPE) F5 Big-ip global traffic manager 13.1.0 (not an official CPE) F5 Big-ip global traffic manager 13.1.1 (not an official CPE) F5 Big-ip global traffic manager 14.0.0 (not an official CPE) F5 Big-ip link controller 11.6.0 (not an official CPE) F5 Big-ip link controller 11.6.1 (not an official CPE) F5 Big-ip link controller 11.6.2 (not an official CPE) F5 Big-ip link controller 11.6.3 (not an official CPE) F5 Big-ip link controller 12.1.0 (not an official CPE) F5 Big-ip link controller 12.1.1 (not an official CPE) F5 Big-ip link controller 12.1.2 (not an official CPE) F5 Big-ip link controller 12.1.3 (not an official CPE) F5 Big-ip link controller 13.0.0 (not an official CPE) F5 Big-ip link controller 13.0.1 (not an official CPE) F5 Big-ip link controller 13.1.0 (not an official CPE) F5 Big-ip link controller 13.1.1 (not an official CPE) F5 Big-ip link controller 14.0.0 (not an official CPE) F5 Big-ip local traffic manager 11.6.0 (not an official CPE) F5 Big-ip local traffic manager 11.6.1 (not an official CPE) F5 Big-ip local traffic manager 11.6.2 (not an official CPE) F5 Big-ip local traffic manager 11.6.3 (not an official CPE) F5 Big-ip local traffic manager 12.1.0 (not an official CPE) F5 Big-ip local traffic manager 12.1.1 (not an official CPE) F5 Big-ip local traffic manager 12.1.2 (not an official CPE) F5 Big-ip local traffic manager 12.1.3 (not an official CPE) F5 Big-ip local traffic manager 13.0.0 (not an official CPE) F5 Big-ip local traffic manager 13.0.1 (not an official CPE) F5 Big-ip local traffic manager 13.1.0 (not an official CPE) F5 Big-ip local traffic manager 13.1.1 (not an official CPE) F5 Big-ip local traffic manager 14.0.0 (not an official CPE) F5 Big-ip policy enforcement manager 11.6.0 (not an official CPE) F5 Big-ip policy enforcement manager 11.6.1 (not an official CPE) F5 Big-ip policy enforcement manager 11.6.2 (not an official CPE) F5 Big-ip policy enforcement manager 11.6.3 (not an official CPE) F5 Big-ip policy enforcement manager 12.1.0 (not an official CPE) F5 Big-ip policy enforcement manager 12.1.1 (not an official CPE) F5 Big-ip policy enforcement manager 12.1.2 (not an official CPE) F5 Big-ip policy enforcement manager 12.1.3 (not an official CPE) F5 Big-ip policy enforcement manager 13.0.0 (not an official CPE) F5 Big-ip policy enforcement manager 13.0.1 (not an official CPE) F5 Big-ip policy enforcement manager 13.1.0 (not an official CPE) F5 Big-ip policy enforcement manager 13.1.1 (not an official CPE) F5 Big-ip policy enforcement manager 14.0.0 (not an official CPE) F5 Big-ip webaccelerator 11.6.0 (not an official CPE) F5 Big-ip webaccelerator 11.6.1 (not an official CPE) F5 Big-ip webaccelerator 11.6.2 (not an official CPE) F5 Big-ip webaccelerator 11.6.3 (not an official CPE) F5 Big-ip webaccelerator 12.1.0 (not an official CPE) F5 Big-ip webaccelerator 12.1.1 (not an official CPE) F5 Big-ip webaccelerator 12.1.2 (not an official CPE) F5 Big-ip webaccelerator 12.1.3 (not an official CPE) F5 Big-ip webaccelerator 13.0.0 (not an official CPE) F5 Big-ip webaccelerator 13.0.1 (not an official CPE) F5 Big-ip webaccelerator 13.1.0 (not an official CPE) F5 Big-ip webaccelerator 13.1.1 (not an official CPE) F5 Big-ip webaccelerator 14.0.0 (not an official CPE)
Advisory Patch Confirmed Link
https://support.f5.com/csp/article/K23566124