F5

Big-ip Access Policy Manager

538 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-6666

  • EPSS 0.89%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:54

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, and 13.1.0-13.1.1.4, the TMM process may produce a core file when an upstream server or cache sends the BIG-IP an invalid age header value.

7.5

CVE-2019-6667

  • EPSS 0.89%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX (Financial Informa...

5.5

CVE-2019-6668

  • EPSS 0.18%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

The BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5 may allow unprivileged users to access files owned by root.

7.5

CVE-2019-6669

  • EPSS 0.89%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, undisclosed traffic flow may cause TMM to restart under some circumstances.

4.4

CVE-2019-6670

  • EPSS 0.1%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem.

7.5

CVE-2019-6671

  • EPSS 0.89%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, under certain conditions tmm may leak memory when processing packet fragments, leading to resource starvation.

7.5

CVE-2019-6673

  • EPSS 0.89%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

On versions 15.0.0-15.0.1 and 14.0.0-14.1.2, when the BIG-IP is configured in HTTP/2 Full Proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel (TMM).

9.8

CVE-2019-6675

  • EPSS 0.14%
  • Published 26.11.2019 15:15:13
  • Last modified 21.11.2024 04:46:56

BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the s...

7.5

CVE-2019-6659

  • EPSS 0.9%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.

7.5

CVE-2019-6660

  • EPSS 0.89%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.