Description
F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for remote attackers to have unspecified impact by guessing the value.
References (2)
Core 2
Core References
Exploit, Vendor Advisory x_refsource_confirm
http://support.f5.com/kb/en-us/solutions/public/14000/300/sol14334.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/68792
Scores
EPSS
0.0064
EPSS Percentile
70.8%
Details
CWE
CWE-310
Status
published
Products (5)
f5/big-ip_analytics
11.0.0
f5/big-ip_analytics
11.1.0
f5/big-ip_analytics
11.2.0
f5/big-ip_analytics
11.2.1
f5/big-ip_analytics
11.3.0
Published
Oct 26, 2014
Tracked Since
Feb 18, 2026