CVE-2023-22657
- EPSS 0.2%
- Veröffentlicht 01.02.2023 18:15:11
- Zuletzt bearbeitet 21.11.2024 07:45:08
On F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant file names may allow for command injection. Note: Software versions which have reached End of Technical Support (EoTS)...
CVE-2022-41780
- EPSS 0.12%
- Veröffentlicht 19.10.2022 22:15:13
- Zuletzt bearbeitet 21.11.2024 07:23:49
In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0, a directory traversal vulnerability exists in an undisclosed location of the F5OS CLI that allows an attacker to read arbitrary files.
CVE-2022-41835
- EPSS 0.14%
- Veröffentlicht 19.10.2022 22:15:13
- Zuletzt bearbeitet 21.11.2024 07:23:54
In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0, excessive file permissions in F5OS allows an authenticated local attacker to execute limited set of commands in a container and impact the F5OS controller.
CVE-2002-20001
- EPSS 14.68%
- Veröffentlicht 11.11.2021 19:15:07
- Zuletzt bearbeitet 22.08.2025 10:33:16
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ate...