Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On BIG-IP AFM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
F5 BIG-IP APM和F5 BIG-IP SQL注入漏洞
Vulnerability Description
F5 BIG-IP APM和F5 BIG-IP都是美国F5公司的产品。F5 BIG-IP APM是一套访问和安全解决方案。该产品提供统一访问关键业务应用和网络的功能。F5 BIG-IP是一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP和F5 BIG-IP AFM 中存在SQL注入漏洞。该漏洞源于攻击者可以通过F5 BIG-IP AFM的Configuration Utility使用SQL注入来读取或修改数据。
CVSS Information
N/A
Vulnerability Type
N/A