CVE-2018-15310 — Sensitive Information Exposure in F5 Big-ip Access Policy Manager

Severity

4.3MEDIUMNVD

EPSS

0.3%

top 48.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 13

Latest updateMay 14

Description

A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, 11.6.0-11.6.3, and 12.1.0-12.1.3 discloses the BIG-IP software version in rewritten pages.

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

▶CVEListV5f5_networks_inc/big-ip_apm11.5.1-11.5.7, 11.6.0-11.6.3, 12.1.0-12.1.3

GHSA

GHSA-w3hg-cwr9-hg7m: A vulnerability in BIG-IP APM portal access 11↗2022-05-14

▶

CVE-2018-15310: A vulnerability in BIG-IP APM portal access 11↗2018-09-13

▶