CVE-2013-0150
Published Aug 9, 2013
Last updated a year ago
Overview
- Description
- Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.
- Source
- cret@cert.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-22
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "384E40E2-6A1E-41EE-9075-C3D4E4C9DF3D",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA3E5454-D0E6-4BF9-B95F-A43ECE1A4C66",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84B339AC-E904-4D62-81B6-61E1899F6855",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD998E02-0896-4970-8BF7-2D2A3EF3FD7B",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70E5E739-25AE-4A53-A756-A7189C785AD9",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC253328-767A-4DC9-85FB-E8E5666B916B",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6AD005AD-AC65-44D1-8DB0-86B8D7F8ABE3",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64C91648-A64F-4D8A-9F60-DEE6CA181A87",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43A25E12-3EDE-4984-9006-1FBCB1977F2C",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E675191C-CA97-4F56-949A-DF2180C2C9F0",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51E532C1-88C1-461F-9563-E74C0DCFBCBD",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A97C7ACA-7D67-49C1-BA1E-256CD9E337D8",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2F00612-6DDC-448F-AF3F-5869A5EDF95B",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99AC375E-C787-4D10-9062-36548041E343",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15CE213B-F42C-4C2E-AFBD-852AB049FF8A",
"versionEndIncluding": "6.1.0",
"versionStartIncluding": "6.0.0"
},
{
"criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5"
}
],
"operator": "OR"
}
]
}
]