CVE-2019-6653
MEDIUMF5 BIG-IQ Centralized Management 5.2.0-5.4.0 - Stored Cross-Site Scripting in Undisclosed Page
Title source: llmDescription
There is a Stored Cross Site Scripting vulnerability in the undisclosed page of a BIG-IQ 6.0.0-6.1.0 or 5.2.0-5.4.0 system. The attack can be stored by users granted the Device Manager and Administrator roles.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://support.f5.com/csp/article/K71712132
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K71712132?utm_source=f5support&%3Butm_medium=RSS
Scores
CVSS v3
5.4
EPSS
0.0021
EPSS Percentile
42.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
f5/big-iq_centralized_management
5.2.0 - 5.4.0
Published
Sep 25, 2019
Tracked Since
Feb 18, 2026