CVE-2013-7408 — F5 Big-ip Analytics vulnerability

CWE-3102 documents2 sources

Severity

7.5HIGHNVD

EPSS

0.6%

top 29.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Analytics

Timeline

PublishedOct 26

Latest updateMay 17

Description

F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for remote attackers to have unspecified impact by guessing the value.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDf5/big-ip_analytics5 versions+4

🔴Vulnerability Details

GHSA

GHSA-7w4v-5mff-3878: F5 BIG-IP Analytics 11↗2022-05-17

▶