CVE-2016-6249
N/A
N/A
Summary
F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by reading these files.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| F5 Networks | F5 BIG-IP, REST Framework Logging | BIG-IP 12.0.0, BIG-IP 11.5.0 - 11.6.1 | affected |
Weaknesses
- Information Leak / Disclosure
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.