Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BIG-IP APM virtual server vulnerability
Vulnerability Description
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.7, 14.1.x before 14.1.5.3, and all versions of 13.1.x, an open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious attacker to build an open redirect URI. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
F5 BIG-IP 输入验证错误漏洞
Vulnerability Description
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP 存在安全漏洞,该漏洞源于启用 BIG-IP APM 访问策略的虚拟服务器上存在一个开放重定向漏洞,允许攻击者构建开放的重定向 URI,以下产品和版本受到影响:BIG-IP (AFM) 17.0.0、16.1.0 到16.1.3、15.1.0 到 15.1.7、14.1.0 到 14.1.5、13.1.0 到 13.1.5版本。
CVSS Information
N/A
Vulnerability Type
N/A