{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T23:51:30.036","vulnerabilities":[{"cve":{"id":"CVE-2019-6599","sourceIdentifier":"f5sirt@f5.com","published":"2019-03-13T22:29:00.520","lastModified":"2024-11-21T04:46:46.753","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager 3.1.1, improper escaping of values in an undisclosed page of the configuration utility may result with an improper handling on the JSON response when it is injected by a malicious script via a remote cross-site scripting (XSS) attack."},{"lang":"es","value":"En BIG-IP 11.6.1-11.6.3.2 o 11.5.1-11.5.8, o Enterprise Manager 3.1.1, el escapado incorrecto de valores en una página sin reCVElar de la utilidad de configuración podría resultar en la gestión inadecuada de la respuesta JSON cuando es inyectada por un script malicioso mediante un ataque remoto de Cross-Site Scripting (XSS)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.1","versionEndIncluding":"11.5.8","matchCriteriaId":"5917BC9C-20D5-46B1-8CAE-FF13944A6826"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.3","matchCriteriaId":"5CC4967B-F2FC-4A94-8A6D-469D5B9F98AA"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/107420","source":"f5sirt@f5.com","tags":["Third Party Advisory"]},{"url":"https://support.f5.com/csp/article/K46401178","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/107420","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://support.f5.com/csp/article/K46401178","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}