CVE-2008-6474

CWE-94Code Injection4 documents4 sources
Severity
9.0CRITICAL
EPSS
0.5%
top 34.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
F5 Tmos
Timeline
PublishedMar 16
Latest updateMay 14

Description

The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDf5/tmos9.4.3

🔴Vulnerability Details

2
GHSA
GHSA-23v8-p364-5gvm: The management interface in F5 BIG-IP 92022-05-14
CVEList
CVE-2008-6474: The management interface in F5 BIG-IP 92009-03-16

💬Community

1
Bugzilla
CVE-2013-6474 cups-filters: heap-based buffer overflow flaw in pdftoopvp2013-11-07
CVE-2008-6474 (CRITICAL CVSS 9) | The management interface in F5 BIG- | cvebase.io