CVE-2019-6599
N/A
N/A
Summary
In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager 3.1.1, improper escaping of values in an undisclosed page of the configuration utility may result with an improper handling on the JSON response when it is injected by a malicious script via a remote cross-site scripting (XSS) attack.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| F5 Networks, Inc. | BIG-IP APM; Enterprise Manager | 11.6.1-11.6.3.2, 11.5.1-11.5.8 | affected |
| F5 Networks, Inc. | BIG-IP APM; Enterprise Manager | EM 3.1.1 | affected |
Weaknesses
- XSS
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.