CVE-2018-5544

When the F5 BIG-IP APM 13.0.0-13.1.1 or 12.1.0-12.1.3 renders certain pages (pages with a logon agent or a confirm box), the BIG-IP APM may disclose configuration information such as partition and agent names via URI parameters.
References
Link Resource
http://www.securityfocus.com/bid/104932 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041398 Third Party Advisory VDB Entry
https://support.f5.com/csp/article/K23024812 Vendor Advisory
http://www.securityfocus.com/bid/104932 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041398 Third Party Advisory VDB Entry
https://support.f5.com/csp/article/K23024812 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:09

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/104932 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/104932 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1041398 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1041398 - Third Party Advisory, VDB Entry
References () https://support.f5.com/csp/article/K23024812 - Vendor Advisory () https://support.f5.com/csp/article/K23024812 - Vendor Advisory

Information

Published : 2018-07-31 14:29

Updated : 2024-11-21 04:09


NVD link : CVE-2018-5544

Mitre link : CVE-2018-5544

CVE.ORG link : CVE-2018-5544


JSON object : View

Products Affected

f5

  • big-ip_access_policy_manager
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor