Vulnerabilities > F5 > BIG IP Analytics > 12.1.4

DATE CVE VULNERABILITY TITLE RISK
2019-02-20 CVE-2019-8331 Cross-site Scripting vulnerability in multiple products
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
network
low complexity
getbootstrap f5 redhat tenable CWE-79
6.1
2018-12-28 CVE-2018-15333 Unrestricted Upload of File with Dangerous Type vulnerability in F5 products
On versions 11.2.1.
local
low complexity
f5 CWE-434
5.5
2018-09-06 CVE-2018-5391 Improper Input Validation vulnerability in multiple products
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly.
7.5