{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-08-25T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-05-12T14:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"}, {"name": "1030776", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1030776"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4023", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt", "refsource": "MISC", "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"}, {"name": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html", "refsource": "CONFIRM", "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"}, {"name": "1030776", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030776"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4023", "datePublished": "2014-10-28T14:00:00", "dateReserved": "2014-06-11T00:00:00", "dateUpdated": "2015-05-12T14:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040", "vulnerable": true}, {"criteria": "cpe:2.3:h:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE619B40-18EB-4F01-A416-63A66577F14F", "vulnerable": true}, {"criteria": "cpe:2.3:h:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "003DFFC0-C51B-43B8-897A-6AD71A7B60FD", "vulnerable": true}, {"criteria": "cpe:2.3:h:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "05803D5C-15CD-4600-9703-951D28173E49", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de XSS en tmui/dashboard/echo.jsp en la utilidad Configuration en F5 BIG-IP LTM, APM, ASM, GTM, y Link Controller 11.0.0 anterior a 11.6.0 y 10.1.0 hasta 10.2.4, AAM 11.4.0 anterior a 11.6.0, AFM y PEM 11.3.0 anterior a 11.6.0, Analytics 11.0.0 hasta 11.5.1, Edge Gateway, WebAccelerator, y WOM 11.0.0 hasta 11.3.0 y 10.1.0 hasta 10.2.4, y PSM 11.0.0 hasta 11.4.1 y 10.1.0 hasta 10.2.4 y Enterprise Manager 3.0.0 hasta 3.1.1 y 2.1.0 hasta 2.3.0 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-4023", "lastModified": "2015-08-28T15:49:41.780", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-10-28T14:55:05.987", "references": [{"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1030776"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}