CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-27880

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.6%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

https://support.f5.com/csp/article/K17341495
https://support.f5.com/csp/article/K17341495

Products affected by CVE-2022-27880

F5 » Traffix Signaling Delivery Controller » Version: 5.1.0

cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.1.0
F5 » Traffix Signaling Delivery Controller » Version: 5.2.0

cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-27880

Products

Pricing

Contact Us