F5

Big-ip Access Policy Manager

538 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2018-5522

  • EPSS 0.68%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:59

On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash.

7.2

CVE-2018-5523

  • EPSS 0.42%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:59

On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as t...

5.3

CVE-2018-5524

  • EPSS 0.6%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:59

Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module (HSM) functionality are exposed and ...

4.3

CVE-2018-5525

  • EPSS 0.16%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:59

A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 that exposes files containing F5-provided data only and do not include any configuration data, proxi...

7.8

CVE-2018-5512

  • EPSS 2.23%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:57

On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart.

7.5

CVE-2018-5514

  • EPSS 2.68%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.

6.3

CVE-2018-5515

  • EPSS 4.03%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event.

4.7

CVE-2018-5516

  • EPSS 0.12%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (...

7.5

CVE-2018-5517

  • EPSS 0.75%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self ...

5.4

CVE-2018-5518

  • EPSS 0.11%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjace...