Vulnerability CVE-2014-6032

Vulnerability CVE-2014-6032

Published: 2014-11-01 Modified: 2014-11-02

Description:

	Topic	Author	Date
High	F5 Networks Big-IP XML External Entity Injection	Portcullis Advis...	30.10.2014

CVSS Base Score	Impact Subscore	Exploitability Subscore
5.5/10	4.9/10	8/10

Affected software
F5 -> Big-ip application security manager
F5 -> Big-ip advanced firewall manager
F5 -> Big-ip analytics
F5 -> Big-ip application acceleration manager
F5 -> Big-ip edge gateway
F5 -> Big-ip global traffic manager
F5 -> Big-ip link controller
F5 -> Big-ip local traffic manager
F5 -> Big-ip policy enforcement manager
F5 -> Big-ip protocol security module
F5 -> Big-ip wan optimization manager
F5 -> Big-ip webaccelerator
F5 -> Enterprise manager

http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html

http://seclists.org/fulldisclosure/2014/Oct/128

http://seclists.org/fulldisclosure/2014/Oct/129

http://seclists.org/fulldisclosure/2014/Oct/130

http://www.securityfocus.com/bid/70834

http://www.securitytracker.com/id/1031144

http://www.securitytracker.com/id/1031145

https://exchange.xforce.ibmcloud.com/vulnerabilities/98402

https://exchange.xforce.ibmcloud.com/vulnerabilities/98403

https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html

https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/

https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/