Directory Traversal Vulnerability in F5 BIG-IP and Enterprise Manager
CVE-2015-4040
Currently unrated
Summary
A directory traversal vulnerability exists in the configuration utility of F5 BIG-IP prior to version 12.0.0 and Enterprise Manager from versions 3.0.0 to 3.1.1. This weakness allows remote authenticated users to execute file access operations, potentially leading to unauthorized exposure of arbitrary files located in the web root. The exploit is facilitated through unspecified vectors, making it crucial for administrators to apply necessary updates and configurations to mitigate the risk of unauthorized data retrieval.
References
EPSS Score
10% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved