Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker with Administrator role privilege may be able to bypass Appliance mode restrictions due to a missing integrity check in F5 BIG-IP Guided Configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Vulnerability Type
完整性检查值验证不恰当
Vulnerability Title
F5 BIG-IP 安全漏洞
Vulnerability Description
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP 存在安全漏洞,该漏洞源于在装置模式下运行时,F5 BIG-IP 引导式配置中缺少完整性检查。具有管理员角色权限的且经过身份验证的攻击者利用此漏洞能够绕过装置模式限制。以下产品和版本受到影响:16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, 和 11.6.x 的所有版本。
CVSS Information
N/A
Vulnerability Type
N/A