CVE-2008-6474

Name of the Vulnerable Software and Affected Versions F5 BIG-IP version 9.4.3

Description The issue concerns the management interface, where remote authenticated users with Resource Manager privileges can inject arbitrary Perl code. This is achieved through unspecified configuration settings related to Perl EP3 with templates, likely resulting in static code injection.

Recommendations For F5 BIG-IP version 9.4.3, consider restricting access to the management interface and Resource Manager privileges to minimize the risk of exploitation. As a temporary workaround, review and restrict configuration settings related to Perl EP3 with templates to prevent arbitrary code injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.