VYPR
Medium severity5.4NVD Advisory· Published Dec 21, 2017· Updated Jun 17, 2026

CVE-2017-0304

CVE-2017-0304

Description

A SQL injection vulnerability exists in the BIG-IP AFM management UI on versions 12.0.0, 12.1.0, 12.1.1, 12.1.2 and 13.0.0 that may allow a copy of the firewall rules to be tampered with and impact the Configuration Utility until there is a resync of the rules. Traffic processing and the live firewall rules in use are not affected.

Affected products

2
  • F5, Inc./Big Ip (afm)llm-fuzzy2 versions
    12.0.0, 12.1.0, 12.1.1, 12.1.2, 13.0.0+ 1 more
    • (no CPE)range: 12.0.0, 12.1.0, 12.1.1, 12.1.2, 13.0.0
    • (no CPE)range: 12.0.0, 12.1.0, 12.1.1, 12.1.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.