PT-2015-6396 · Oracle+1 · Enterprise Manager+1
Published
2015-09-17
·
Updated
2026-01-30
·
CVE-2015-4040
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP versions prior to 12.0.0
Enterprise Manager versions 3.0.0 through 3.1.1
Description
A directory traversal issue exists in the configuration utility, allowing remote authenticated users to access arbitrary files in the web root.
Recommendations
For F5 BIG-IP versions prior to 12.0.0, update to version 12.0.0 or later.
For Enterprise Manager versions 3.0.0 through 3.1.1, update to a version outside of this range.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Enterprise Manager
F5 Big-Ip