CVE-2018-15322
- EPSS 1.13%
- Veröffentlicht 31.10.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:33
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 ...
CVE-2018-15323
- EPSS 1.09%
- Veröffentlicht 31.10.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:33
On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic through a Virtual Server with an associated MQTT profile, the TMM process may produce a core file and take the configured HA action.
CVE-2018-15324
- EPSS 1.27%
- Veröffentlicht 31.10.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:33
On BIG-IP APM 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, TMM may restart when processing a specially crafted request with APM portal access.
CVE-2018-15325
- EPSS 1.03%
- Veröffentlicht 31.10.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:33
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands
CVE-2018-15326
- EPSS 0.55%
- Veröffentlicht 31.10.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:34
In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.2, the CRLDP Auth access policy agent may treat revoked certificates as valid when the BIG-IP APM system fails to download a new Certificate Revocati...
CVE-2018-15327
- EPSS 1.18%
- Veröffentlicht 31.10.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:34
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allo...
CVE-2018-15312
- EPSS 0.93%
- Veröffentlicht 19.10.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:32
On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-...
CVE-2018-15315
- EPSS 0.92%
- Veröffentlicht 19.10.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:32
On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected Cross Site Scripting (XSS) vulnerability in an undisclosed Configuration Utility page.
CVE-2018-15316
- EPSS 0.59%
- Veröffentlicht 19.10.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:32
In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks.
CVE-2018-15311
- EPSS 1.42%
- Veröffentlicht 10.10.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:31
When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.5.1-11.5.6 is processing specially crafted TCP traffic with the Large Receive Offload (LRO) feature enabled, TMM may crash, leading to a failover event. This vulnerability is not...