Vulnerabilities > F5 > BIG IP Application Security Manager > 9.6.0

DATE CVE VULNERABILITY TITLE RISK
2015-09-17 CVE-2015-4040 Path Traversal vulnerability in F5 products
Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.
network
low complexity
f5 CWE-22
4.0
4.0
2015-01-15 CVE-2015-1050 Cross-site Scripting vulnerability in F5 Big-Ip Application Security Manager
Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application Security Manager (ASM) before 11.6 allows remote attackers to inject arbitrary web script or HTML via the Response Body field when creating a new user account.
network
f5 CWE-79
4.3
4.3