Security Advisory

CVE-2018-5548

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-09-13 14:00:00

Last updated 2024-09-16 19:41:32

Assigner f5

State PUBLISHED

Description

On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for orig_uri parameter in an undisclosed /vdesk link of APM virtual server configured with an access profile, allowing a malicious user to build a redirect URI value using different blocks of cipher texts.

← Browse all CVEs View on cve.org ↗