In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, iControl REST does not implement Cross Site Request Forgery protections for users which make use of Basic Authentication in a web browser.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published: 2020-08-26T14:44:42

Updated: 2024-08-04T08:47:40.753Z

Reserved: 2020-01-06T00:00:00

Link: CVE-2020-5922

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-08-26T15:15:13.477

Modified: 2020-09-02T16:35:32.047

Link: CVE-2020-5922

cve-icon Redhat

No data.