CVE-2016-3686 in BIG-IPinfo

Summary

The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x before 11.6.0 HF6 and BIG-IP Edge Gateway 11.0.0 through 11.3.0 might allow remote attackers to obtain sensitive SessionId information by leveraging access to the Location HTTP header in a redirect.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

03/29/2016

Disclosure

04/13/2016

Moderation

VulDB entry created

Entries

1: VDB-82348

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

5.9

EPSS

0.00495

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-3686
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-3686
CVE Details	https://www.cvedetails.com/cve/CVE-2016-3686/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!