cbcvebase.
CVE-2019-6589
published 2019-02-14

CVE-2019-6589: On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an…

medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP configuration utility.

Affected

65 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager11.6.0 – 11.6.3.2
f5big-ip_access_policy_manager12.1.0 – 12.1.3.7
f5big-ip_access_policy_manager13.0.0 – 13.1.1.3
f5big-ip_access_policy_manager14.0.0 – 14.0.0.2
f5big-ip_advanced_firewall_manager11.6.0 – 11.6.3.2
f5big-ip_advanced_firewall_manager12.1.0 – 12.1.3.7
f5big-ip_advanced_firewall_manager13.0.0 – 13.1.1.3
f5big-ip_advanced_firewall_manager14.0.0 – 14.0.0.2
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics11.6.0 – 11.6.3.2
f5big-ip_analytics12.1.0 – 12.1.3.7
f5big-ip_analytics13.0.0 – 13.1.1.3
f5big-ip_analytics14.0.0 – 14.0.0.2
f5big-ip_apm
f5big-ip_application_acceleration_manager11.6.0 – 11.6.3.2
f5big-ip_application_acceleration_manager12.1.0 – 12.1.3.7
f5big-ip_application_acceleration_manager13.0.0 – 13.1.1.3
f5big-ip_application_acceleration_manager14.0.0 – 14.0.0.2
f5big-ip_application_security_manager11.6.0 – 11.6.3.2
f5big-ip_application_security_manager12.1.0 – 12.1.3.7
f5big-ip_application_security_manager13.0.0 – 13.1.1.3
f5big-ip_application_security_manager14.0.0 – 14.0.0.2
f5big-ip_asm