Vulnerability Details CVE-2019-6653
There is a Stored Cross Site Scripting vulnerability in the undisclosed page of a BIG-IQ 6.0.0-6.1.0 or 5.2.0-5.4.0 system. The attack can be stored by users granted the Device Manager and Administrator roles.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.9%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2019-6653
-
cpe:2.3:a:f5:big-iq_centralized_management:5.2.0
-
cpe:2.3:a:f5:big-iq_centralized_management:5.3.0
-
cpe:2.3:a:f5:big-iq_centralized_management:5.4.0
-
cpe:2.3:a:f5:big-iq_centralized_management:6.0.0
-
cpe:2.3:a:f5:big-iq_centralized_management:6.0.1
-
cpe:2.3:a:f5:big-iq_centralized_management:6.1.0