F5 Networks BIG-IP : GeoIP vulnerability (K23124150)
Medium Nessus Plugin ID 118644
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionCarefully crafted URLs can be used to reflect arbitrary content into
GeoIP lookup responses, potentially exposing clients to XSS.
Clients accessing the affected system may be exposed to cross-site
scripting (XSS) attacks. This vulnerability does not affect data plane
BIG-IQ / F5 iWorkflow / Enterprise Manager / ARX / LineRate / Traffix
There is no impact; these F5 products are not affected by this
SolutionUpgrade to one of the non-vulnerable versions listed in the F5