First published: Tue Jan 21 2014(Updated: )
XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/server.php in F5 BIG-IP 10.0.0 through 10.2.4 and 11.0.0 through 11.2.1 allows remote authenticated users to read arbitrary files via a crafted XML file.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
F5 BIG-IP Configuration Utility | =10.0.0 | |
F5 BIG-IP Configuration Utility | =10.2.4 | |
F5 BIG-IP Configuration Utility | =11.0.0 | |
F5 BIG-IP Configuration Utility | =11.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.