Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.140118
Categoría:F5 Local Security Checks
Título:F5 BIG-IP - XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2016-7469
Resumen:A stored cross-site scripting (XSS) vulnerability in the BIG-IP Configuration utility device name change page allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.
Descripción:Summary:
A stored cross-site scripting (XSS) vulnerability in the BIG-IP Configuration utility device name change page allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.

Vulnerability Impact:
This vulnerability allows an authenticated attacker to execute a cross-site scripting (XSS) attack. By sending specially crafted input, the attacker can also cause the Configuration utility to become unstable.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
3.5

CVSS Vector:
AV:N/AC:M/Au:S/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-7469
BugTraq ID: 95320
http://www.securityfocus.com/bid/95320
http://www.securitytracker.com/id/1037559
http://www.securitytracker.com/id/1037560
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.