CVE-2012-3000

Name of the Vulnerable Software and Affected Versions F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics versions prior to 11.2.0-HF3 F5 WebAccelerator and WOM versions prior to 11.2.0-HF3 and prior to 11.2.1-HF3

Description The issue allows remote authenticated users to execute arbitrary SQL commands. This is achieved via the defaultQuery parameter in the sam/admin/reports/php/saveSettings.php file of the APM WebGUI and AVR WebGUI.

Recommendations For F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics versions prior to 11.2.0-HF3, update to version 11.2.0-HF3 or later. For F5 WebAccelerator and WOM versions prior to 11.2.0-HF3, update to version 11.2.0-HF3 or later. For F5 WebAccelerator and WOM versions prior to 11.2.1-HF3, update to version 11.2.1-HF3 or later. As a temporary workaround, consider restricting access to the defaultQuery parameter in the affected API endpoint until a patch is available.