XML External Entity Vulnerabilities in F5 BIG-IP Configuration Utility
CVE-2014-6032

Currently unrated

Key Information:

Vendor

F5
Status
Big-ip Protocol Security Module
Vendor
CVE Published:
1 November 2014

What is CVE-2014-6032?

The F5 BIG-IP Configuration utility is susceptible to multiple XML External Entity (XXE) vulnerabilities, which may allow remote authenticated users to read arbitrary files and potentially cause denial of service through specially crafted requests. The vulnerabilities affect several versions across multiple F5 BIG-IP modules, enabling attackers to exploit the weaknesses via specific XML elements.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1031145
vdb-entryx_refsource_SECTRACK
https://www.portcullis-security.com/security-research-and...
x_refsource_MISC
http://www.securitytracker.com/id/1031144
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.