CVE-2020-5950

Published: Dec 11, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.

Vendor	Product	Versions
n/a	BIG-IP	affected `14.1.0-14.1.2.6`

References

https://support.f5.com/csp/article/K42696541

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-5950

Description

Affected Products

References