cbcvebase.
CVE-2020-5940
published 2020-11-05

CVE-2020-5940: In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the…

medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.

Affected

53 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager
f5big-ip_access_policy_manager>= 14.1.0 < 14.1.2.414.1.2.4
f5big-ip_access_policy_manager>= 15.1.0 < 15.1.115.1.1
f5big-ip_access_policy_manager>= 16.0.0 < 16.0.116.0.1
f5big-ip_advanced_firewall_manager>= 14.1.0 < 14.1.2.414.1.2.4
f5big-ip_advanced_firewall_manager>= 15.1.0 < 15.1.115.1.1
f5big-ip_advanced_firewall_manager>= 16.0.0 < 16.0.116.0.1
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics>= 14.1.0 < 14.1.2.414.1.2.4
f5big-ip_analytics>= 15.1.0 < 15.1.115.1.1
f5big-ip_analytics>= 16.0.0 < 16.0.116.0.1
f5big-ip_apm
f5big-ip_application_acceleration_manager>= 14.1.0 < 14.1.2.414.1.2.4
f5big-ip_application_acceleration_manager>= 15.1.0 < 15.1.115.1.1
f5big-ip_application_acceleration_manager>= 16.0.0 < 16.0.116.0.1
f5big-ip_application_security_manager>= 14.1.0 < 14.1.2.414.1.2.4
f5big-ip_application_security_manager>= 15.1.0 < 15.1.115.1.1
f5big-ip_application_security_manager>= 16.0.0 < 16.0.116.0.1
f5big-ip_asm
f5big-ip_dns
f5big-ip_domain_name_system>= 14.1.0 < 14.1.2.414.1.2.4
f5big-ip_domain_name_system>= 15.1.0 < 15.1.115.1.1
f5big-ip_domain_name_system>= 16.0.0 < 16.0.116.0.1