XML External Entity Vulnerabilities in F5 BIG-IP Configuration Utility
CVE-2014-6032
Currently unrated
Summary
The F5 BIG-IP Configuration utility is susceptible to multiple XML External Entity (XXE) vulnerabilities, which may allow remote authenticated users to read arbitrary files and potentially cause denial of service through specially crafted requests. The vulnerabilities affect several versions across multiple F5 BIG-IP modules, enabling attackers to exploit the weaknesses via specific XML elements.
References
Timeline
Vulnerability published
Vulnerability Reserved