Test Kennung:	1.3.6.1.4.1.25623.1.0.140118
Kategorie:	F5 Local Security Checks
Titel:	F5 BIG-IP - XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2016-7469
Zusammenfassung:	A stored cross-site scripting (XSS) vulnerability in the BIG-IP Configuration utility device name change page allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.
Beschreibung:	Summary: A stored cross-site scripting (XSS) vulnerability in the BIG-IP Configuration utility device name change page allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable. Vulnerability Impact: This vulnerability allows an authenticated attacker to execute a cross-site scripting (XSS) attack. By sending specially crafted input, the attacker can also cause the Configuration utility to become unstable. Solution: See the referenced vendor advisory for a solution. CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7469 BugTraq ID: 95320 http://www.securityfocus.com/bid/95320 http://www.securitytracker.com/id/1037559 http://www.securitytracker.com/id/1037560
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.