Directory Traversal Vulnerability in F5 BIG-IP and Enterprise Manager
CVE-2015-4040

Currently unrated

Key Information:

Vendor

F5
Status
Enterprise Manager
Vendor
CVE Published:
17 September 2015

What is CVE-2015-4040?

A directory traversal vulnerability exists in the configuration utility of F5 BIG-IP prior to version 12.0.0 and Enterprise Manager from versions 3.0.0 to 3.1.1. This weakness allows remote authenticated users to execute file access operations, potentially leading to unauthorized exposure of arbitrary files located in the web root. The exploit is facilitated through unspecified vectors, making it crucial for administrators to apply necessary updates and configurations to mitigate the risk of unauthorized data retrieval.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/133931/F5-BigIP-10.2...
x_refsource_MISC
http://www.securitytracker.com/id/1033533
vdb-entryx_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/17000/20...
x_refsource_CONFIRM

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.