Vulnerabilities > F5 > BIG IP Application Security Manager > 9.6.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-09-17 | CVE-2015-4040 | Path Traversal vulnerability in F5 products Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors. | 4.0 |
2015-01-15 | CVE-2015-1050 | Cross-site Scripting vulnerability in F5 Big-Ip Application Security Manager Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application Security Manager (ASM) before 11.6 allows remote attackers to inject arbitrary web script or HTML via the Response Body field when creating a new user account. | 4.3 |