CVE-2016-9253
- EPSS 1.34%
- Veröffentlicht 09.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile.
CVE-2016-9256
- EPSS 1.04%
- Veröffentlicht 09.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This i...
CVE-2016-9257
- EPSS 0.79%
- Veröffentlicht 09.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP APM 12.0.0 through 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access Syste...
CVE-2017-0302
- EPSS 0.74%
- Veröffentlicht 09.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.
CVE-2017-6137
- EPSS 1.09%
- Veröffentlicht 09.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN co...
CVE-2017-6128
- EPSS 1.4%
- Veröffentlicht 01.05.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.
CVE-2016-7467
- EPSS 1.92%
- Veröffentlicht 11.04.2017 14:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malfor...
CVE-2016-9252
- EPSS 1.78%
- Veröffentlicht 27.03.2017 18:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) thro...
CVE-2016-7474
- EPSS 0.36%
- Veröffentlicht 27.03.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.
CVE-2016-7468
- EPSS 1.77%
- Veröffentlicht 23.03.2017 14:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpp...