CVE-2017-0301 Information
Feb 14, 2021
cve
Description
In F5 BIG-IP APM software versions 11.5.0 11.5.1 11.5.2 11.5.3 11.5.4 11.6.0 11.6.1 12.0.0 12.1.0 12.1.1 and 12.1.2 BIG-IP APM portal access requests do not return the intended resources in some cases. This may allow access to internal BIG-IP APM resources however the application resources and backend servers are unaffected.
CVSS Vector
CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Reference
http://www.securitytracker.com/id/1040040 https://support.f5.com/csp/article/K54358225
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction Required
LOW
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.6
Share on: