F5

Big-ip Access Policy Manager

623 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.23%
  • Veröffentlicht 15.10.2025 13:55:47
  • Zuletzt bearbeitet 04.02.2026 17:47:53

On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection.  Note: Software versions which have reached End of Technical Support (EoTS) are not evalu...

  • EPSS 0.32%
  • Veröffentlicht 15.10.2025 13:55:46
  • Zuletzt bearbeitet 22.10.2025 21:02:07

When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • EPSS 0.39%
  • Veröffentlicht 15.10.2025 13:55:45
  • Zuletzt bearbeitet 21.10.2025 18:54:09

When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evalua...

  • EPSS 0.41%
  • Veröffentlicht 15.10.2025 13:55:44
  • Zuletzt bearbeitet 21.10.2025 18:53:07

When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions...

  • EPSS 0.21%
  • Veröffentlicht 15.10.2025 13:55:44
  • Zuletzt bearbeitet 04.02.2026 17:47:36

Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) may experience a lockup of the HSB.  Note: Software versions which have reached End of Technical Support (EoTS)...

  • EPSS 0.36%
  • Veröffentlicht 15.10.2025 13:55:42
  • Zuletzt bearbeitet 21.10.2025 18:53:54

When the BIG-IP system is configured as both a Security Assertion Markup Language (SAML) service provider (SP) and Identity Provider (IdP), with single logout (SLO) enabled on an access policy, undisclosed requests can cause an increase in memory res...

  • EPSS 0.37%
  • Veröffentlicht 15.10.2025 13:55:42
  • Zuletzt bearbeitet 21.10.2025 19:33:09

On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility.  Note: Software versions which have reached End of Technical Support (Eo...

  • EPSS 0.26%
  • Veröffentlicht 15.10.2025 13:55:42
  • Zuletzt bearbeitet 21.10.2025 19:33:38

A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.   Note: Software versions which have reache...

  • EPSS 0.32%
  • Veröffentlicht 15.10.2025 13:55:41
  • Zuletzt bearbeitet 21.10.2025 19:49:57

When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evalu...

Medienbericht
  • EPSS 0.46%
  • Veröffentlicht 13.08.2025 14:46:55
  • Zuletzt bearbeitet 04.02.2026 17:47:28

An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack).  Note: Software versions which have reached End of Technical Su...