Vulnerability Description
The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F5 | Tmos | 9.4.3 |
Related Weaknesses (CWE)
References
- http://osvdb.org/51116
- http://www.securityfocus.com/archive/1/490496/100/0/threaded
- http://www.securityfocus.com/bid/28639
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49308
- http://osvdb.org/51116
- http://www.securityfocus.com/archive/1/490496/100/0/threaded
- http://www.securityfocus.com/bid/28639
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49308
FAQ
What is CVE-2008-6474?
CVE-2008-6474 is a vulnerability with a CVSS score of 9.0 (HIGH). The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 ...
How severe is CVE-2008-6474?
CVE-2008-6474 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6474?
Check the references section above for vendor advisories and patch information. Affected products include: F5 Tmos.