vulnerability

F5 Networks: CVE-2018-5521: K23124150: GeoIP vulnerability CVE-2018-5521

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	May 30, 2018	May 31, 2018	Aug 23, 2024

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

May 30, 2018

Added

May 31, 2018

Modified

Aug 23, 2024

Description

On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.

Solution

f5-big-ip-upgrade-latest

References

CVE-2018-5521
https://attackerkb.com/topics/CVE-2018-5521
URL-https://my.f5.com/manage/s/article/K23124150

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today