Описание
On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 13.1.0 (включая) до 13.1.4 (включая)Версия от 14.1.0 (включая) до 14.1.4 (включая)Версия от 15.1.0 (включая) до 15.1.3 (включая)Версия от 16.0.0 (включая) до 16.1.0 (исключая)Версия до 8.0.0 (исключая)
Одно из
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_guided_configuration:*:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00242
Низкий
4.9 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-532
CWE-532
Связанные уязвимости
github
больше 3 лет назад
On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
EPSS
Процентиль: 47%
0.00242
Низкий
4.9 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-532
CWE-532