Back to search
CVE-2017-0304
Published: Dec 21, 2017
Modified: Sep 16, 2024
PUBLISHED
Description
A SQL injection vulnerability exists in the BIG-IP AFM management UI on versions 12.0.0, 12.1.0, 12.1.1, 12.1.2 and 13.0.0 that may allow a copy of the firewall rules to be tampered with and impact the Configuration Utility until there is a resync of the rules. Traffic processing and the live firewall rules in use are not affected.
| Vendor | Product | Versions |
|---|---|---|
F5 Networks, Inc. | BIG-IP AFM | affected 12.0.0, 12.1.0, 12.1.1, 12.1.2affected 13.0.0 |
References
102332
vdb-entry
x_refsource_BID
https://support.f5.com/csp/article/K39428424
x_refsource_CONFIRM
1040041
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now