{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requests that are later listed on a summary page."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-09-11T18:00:00Z", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "VU#143395", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/143395"}, {"tags": ["x_refsource_MISC"], "url": "https://support.f5.com/kb/en-us/solutions/public/13000/800/sol13838.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2012-2975", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requests that are later listed on a summary page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#143395", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/143395"}, {"name": "https://support.f5.com/kb/en-us/solutions/public/13000/800/sol13838.html", "refsource": "MISC", "url": "https://support.f5.com/kb/en-us/solutions/public/13000/800/sol13838.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:50:05.383Z"}, "title": "CVE Program Container", "references": [{"name": "VU#143395", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/143395"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.f5.com/kb/en-us/solutions/public/13000/800/sol13838.html"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2012-2975", "datePublished": "2012-09-11T18:00:00Z", "dateReserved": "2012-05-30T00:00:00Z", "dateUpdated": "2024-09-17T04:09:41.128Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:f5:application_security_manager_appliance:10.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B0E1D498-923C-4840-B11F-C53A73B393FA", "vulnerable": true}, {"criteria": "cpe:2.3:h:f5:application_security_manager_appliance:11.2.0:hf2:*:*:*:*:*:*", "matchCriteriaId": "35A1249F-C541-486B-8197-97C6ADD93839", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requests that are later listed on a summary page."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en la p\u00e1gina de la informaci\u00f3n de tr\u00e1fico en F5 ASM v10.0.0 hasta v11.2.0 HF2, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de solicitudes modificadas que luego aparecen en una p\u00e1gina de resumen."}], "id": "CVE-2012-2975", "lastModified": "2012-09-12T13:53:41.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-09-11T18:55:01.097", "references": [{"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/143395"}, {"source": "cret@cert.org", "url": "https://support.f5.com/kb/en-us/solutions/public/13000/800/sol13838.html"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}