F5

Big-ip Next Service Proxy For Kubernetes

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.7

CVE-2025-36557

  • EPSS 0.07%
  • Veröffentlicht 07.05.2025 22:15:20
  • Zuletzt bearbeitet 06.08.2025 18:14:59

When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (...

8.7

CVE-2025-22846

  • EPSS 0.19%
  • Veröffentlicht 05.02.2025 18:15:31
  • Zuletzt bearbeitet 10.09.2025 15:57:39

When SIP Session and Router ALG profiles are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.   Note: Software versions which have reached End of Technical Su...

7.5

CVE-2024-41164

  • EPSS 0.67%
  • Veröffentlicht 14.08.2024 15:15:27
  • Zuletzt bearbeitet 19.08.2024 18:39:06

When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical...

7.5

CVE-2024-23314

  • EPSS 0.27%
  • Veröffentlicht 14.02.2024 17:15:13
  • Zuletzt bearbeitet 23.01.2025 19:52:38

When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

7.5

CVE-2023-45886

Exploit
  • EPSS 0.31%
  • Veröffentlicht 21.11.2023 06:15:42
  • Zuletzt bearbeitet 21.11.2024 08:27:33

The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allow remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute.

7.5

CVE-2023-44487

Warnung Medienbericht Exploit
  • EPSS 94.44%
  • Veröffentlicht 10.10.2023 14:15:10
  • Zuletzt bearbeitet 11.06.2025 17:29:54

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.4

CVE-2023-45226

  • EPSS 0.57%
  • Veröffentlicht 10.10.2023 13:15:22
  • Zuletzt bearbeitet 21.11.2024 08:26:35

The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those co...

7.5

CVE-2023-40534

  • EPSS 0.57%
  • Veröffentlicht 10.10.2023 13:15:20
  • Zuletzt bearbeitet 21.11.2024 08:19:40

When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to termina...

5.3

CVE-2023-24594

  • EPSS 0.14%
  • Veröffentlicht 03.05.2023 15:15:12
  • Zuletzt bearbeitet 21.11.2024 07:48:12

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.