Directory Traversal Vulnerability in F5 BIG-IP and Enterprise Manager
CVE-2015-4040

Currently unrated

Key Information:

Vendor
F5
Vendor
CVE Published:
17 September 2015

Summary

A directory traversal vulnerability exists in the configuration utility of F5 BIG-IP prior to version 12.0.0 and Enterprise Manager from versions 3.0.0 to 3.1.1. This weakness allows remote authenticated users to execute file access operations, potentially leading to unauthorized exposure of arbitrary files located in the web root. The exploit is facilitated through unspecified vectors, making it crucial for administrators to apply necessary updates and configurations to mitigate the risk of unauthorized data retrieval.

References

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.