XML External Entity (XXE) vulnerability in F5 BIG-IP allows remote file read

XML External Entity (XXE) vulnerability in F5 BIG-IP allows remote file read

CVE-2012-2997 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/server.php in F5 BIG-IP 10.0.0 through 10.2.4 and 11.0.0 through 11.2.1 allows remote authenticated users to read arbitrary files via a crafted XML file.

Learn more about our Cis Benchmark Audit For F5.