Description
On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a vulnerability in the AFM configuration utility may allow any authenticated BIG-IP user to run an SQL injection attack.
Affected products
- F5 / BIG-IP AFM15.0.0-15.0.1 – 15.0.0-15.0.1
- F5 / BIG-IP AFM14.0.0-14.1.2 – 14.0.0-14.1.2
- F5 / BIG-IP AFM13.1.0-13.1.3.1 – 13.1.0-13.1.3.1
- F5 / BIG-IP AFM12.1.0-12.1.5 – 12.1.0-12.1.5