Perl Code Injection Vulnerability in F5 BIG-IP Management Interface
CVE-2008-6474

Currently unrated

Key Information:

Vendor
F5
Status
Vendor
CVE Published:
16 March 2009

Summary

The management interface of F5 BIG-IP version 9.4.3 is vulnerable to a code injection attack that allows remote authenticated users possessing Resource Manager privileges to inject arbitrary Perl code. This vulnerability arises from unspecified configuration settings associated with Perl EP3 templates, potentially enabling attackers to execute malicious code within the system. As a result, it is crucial for users of this version to assess their configuration settings and apply necessary mitigations to safeguard against potential exploitation.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.