cnvd - cnvd-2017-00462

cnvd-2017-00462

Vulnerability from cnvd

Title: 多个F5 BIG-IP产品HTML注入漏洞

Description:

F5 BIG-IP和EnterpriseManager都是美国F5公司的产品。前者是一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的多合一网络设备。后者是一款提供了整个BIG-IP应用交付基础架构的视图和优化应用性能的工具。

多个F5 BIG-IP产品存在HTML注入漏洞，攻击者可利用该漏洞在受影响的上下文中执行脚本代码和HTML，窃取基于cookie的身份验证证书。

Severity: 中

Patch Name: 多个F5 BIG-IP产品HTML注入漏洞的补丁

Patch Description:

多个F5 BIG-IP产品存在HTML注入漏洞，攻击者可利用该漏洞在受影响的上下文中执行脚本代码和HTML，窃取基于cookie的身份验证证书。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://support.f5.com/csp/#/article/K97285349

Reference: http://www.securityfocus.com/bid/95320

Impacted products

Name
['F5 BIG-IP WebAccelerator 11.2.1', 'F5 BIG-IP WOM 11.2.1', 'F5 Enterprise Manager 3.1.1', 'F5 BIG-IP WebSafe 12.1', 'F5 BIG-IP WebSafe 12.0', 'F5 BIG-IP WebSafe 11.6.1', 'F5 BIG-IP WebSafe 11.6', 'F5 BIG-IP PSM 11.4.1', 'F5 BIG-IP PSM 11.4', 'F5 BIG-IP PEM 12.1.2', 'F5 BIG-IP PEM 12.1.1', 'F5 BIG-IP PEM 12.0', 'F5 BIG-IP PEM 11.6.1', 'F5 BIG-IP PEM 11.5.3', 'F5 BIG-IP PEM 11.5.1', 'F5 BIG-IP PEM 11.5', 'F5 BIG-IP PEM 11.4', 'F5 BIG-IP PEM 12.1.0', 'F5 BIG-IP PEM 11.5.4', 'F5 BIG-IP PEM 11.4.1']

Name

['F5 BIG-IP WebAccelerator 11.2.1', 'F5 BIG-IP WOM 11.2.1', 'F5 Enterprise Manager 3.1.1', 'F5 BIG-IP WebSafe 12.1', 'F5 BIG-IP WebSafe 12.0', 'F5 BIG-IP WebSafe 11.6.1', 'F5 BIG-IP WebSafe 11.6', 'F5 BIG-IP PSM 11.4.1', 'F5 BIG-IP PSM 11.4', 'F5 BIG-IP PEM 12.1.2', 'F5 BIG-IP PEM 12.1.1', 'F5 BIG-IP PEM 12.0', 'F5 BIG-IP PEM 11.6.1', 'F5 BIG-IP PEM 11.5.3', 'F5 BIG-IP PEM 11.5.1', 'F5 BIG-IP PEM 11.5', 'F5 BIG-IP PEM 11.4', 'F5 BIG-IP PEM 12.1.0', 'F5 BIG-IP PEM 11.5.4', 'F5 BIG-IP PEM 11.4.1']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "95320"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-7469"
    }
  },
  "description": "F5 BIG-IP\u548cEnterpriseManager\u90fd\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4ea7\u54c1\u3002\u524d\u8005\u662f\u4e00\u6b3e\u96c6\u6210\u4e86\u7f51\u7edc\u6d41\u91cf\u7ba1\u7406\u3001\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7ba1\u7406\u3001\u8d1f\u8f7d\u5747\u8861\u7b49\u529f\u80fd\u7684\u591a\u5408\u4e00\u7f51\u7edc\u8bbe\u5907\u3002\u540e\u8005\u662f\u4e00\u6b3e\u63d0\u4f9b\u4e86\u6574\u4e2aBIG-IP\u5e94\u7528\u4ea4\u4ed8\u57fa\u7840\u67b6\u6784\u7684\u89c6\u56fe\u548c\u4f18\u5316\u5e94\u7528\u6027\u80fd\u7684\u5de5\u5177\u3002\r\n\r\n\u591a\u4e2aF5 BIG-IP\u4ea7\u54c1\u5b58\u5728HTML\u6ce8\u5165\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u811a\u672c\u4ee3\u7801\u548cHTML\uff0c\u7a83\u53d6\u57fa\u4e8ecookie\u7684\u8eab\u4efd\u9a8c\u8bc1\u8bc1\u4e66\u3002",
  "discovererName": "Mukhammad Khalilov of Help AG",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.f5.com/csp/#/article/K97285349",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-00462",
  "openTime": "2017-01-16",
  "patchDescription": "F5 BIG-IP\u548cEnterpriseManager\u90fd\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4ea7\u54c1\u3002\u524d\u8005\u662f\u4e00\u6b3e\u96c6\u6210\u4e86\u7f51\u7edc\u6d41\u91cf\u7ba1\u7406\u3001\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7ba1\u7406\u3001\u8d1f\u8f7d\u5747\u8861\u7b49\u529f\u80fd\u7684\u591a\u5408\u4e00\u7f51\u7edc\u8bbe\u5907\u3002\u540e\u8005\u662f\u4e00\u6b3e\u63d0\u4f9b\u4e86\u6574\u4e2aBIG-IP\u5e94\u7528\u4ea4\u4ed8\u57fa\u7840\u67b6\u6784\u7684\u89c6\u56fe\u548c\u4f18\u5316\u5e94\u7528\u6027\u80fd\u7684\u5de5\u5177\u3002\r\n\r\n\u591a\u4e2aF5 BIG-IP\u4ea7\u54c1\u5b58\u5728HTML\u6ce8\u5165\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u811a\u672c\u4ee3\u7801\u548cHTML\uff0c\u7a83\u53d6\u57fa\u4e8ecookie\u7684\u8eab\u4efd\u9a8c\u8bc1\u8bc1\u4e66\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u4e2aF5 BIG-IP\u4ea7\u54c1HTML\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "F5 BIG-IP WebAccelerator 11.2.1",
      "F5 BIG-IP WOM 11.2.1",
      "F5 Enterprise Manager 3.1.1",
      "F5 BIG-IP WebSafe 12.1",
      "F5 BIG-IP WebSafe 12.0",
      "F5 BIG-IP WebSafe 11.6.1",
      "F5 BIG-IP WebSafe 11.6",
      "F5 BIG-IP PSM 11.4.1",
      "F5 BIG-IP PSM 11.4",
      "F5 BIG-IP PEM 12.1.2",
      "F5 BIG-IP PEM 12.1.1",
      "F5 BIG-IP PEM 12.0",
      "F5 BIG-IP PEM 11.6.1",
      "F5 BIG-IP PEM 11.5.3",
      "F5 BIG-IP PEM 11.5.1",
      "F5 BIG-IP PEM 11.5",
      "F5 BIG-IP PEM 11.4",
      "F5 BIG-IP PEM 12.1.0",
      "F5 BIG-IP PEM 11.5.4",
      "F5 BIG-IP PEM 11.4.1"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/95320",
  "serverity": "\u4e2d",
  "submitTime": "2017-01-11",
  "title": "\u591a\u4e2aF5 BIG-IP\u4ea7\u54c1HTML\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2016-7469 (GCVE-0-2016-7469)

Vulnerability from cvelistv5

Published

2017-06-09 15:00

Modified

2024-08-06 01:57

Severity ?

CWE

cross-site scripting (XSS)

Summary

A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.

References

▼	URL	Tags
	https://support.f5.com/csp/article/K97285349	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037559	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/95320	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1037560	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	F5 Networks, Inc.	BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe	Version: 12.0.0 - 12.1.2 Version: 11.4.0 - 11.6.1 Version: 11.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.636Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K97285349"
          },
          {
            "name": "1037559",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037559"
          },
          {
            "name": "95320",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95320"
          },
          {
            "name": "1037560",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037560"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "12.0.0 - 12.1.2"
            },
            {
              "status": "affected",
              "version": "11.4.0 - 11.6.1"
            },
            {
              "status": "affected",
              "version": "11.2.1"
            }
          ]
        }
      ],
      "datePublic": "2017-06-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "cross-site scripting (XSS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-26T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K97285349"
        },
        {
          "name": "1037559",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037559"
        },
        {
          "name": "95320",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95320"
        },
        {
          "name": "1037560",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037560"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-7469",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "12.0.0 - 12.1.2"
                          },
                          {
                            "version_value": "11.4.0 - 11.6.1"
                          },
                          {
                            "version_value": "11.2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "cross-site scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K97285349",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K97285349"
            },
            {
              "name": "1037559",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037559"
            },
            {
              "name": "95320",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95320"
            },
            {
              "name": "1037560",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037560"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-7469",
    "datePublished": "2017-06-09T15:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.636Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted