F5

Big-ip Edge Gateway

213 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2017-6153

  • EPSS 0.6%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 03:29:09

Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "...

7.5

CVE-2018-5513

  • EPSS 0.75%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:57

On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configurat...

6.1

CVE-2018-5521

  • EPSS 0.35%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:59

On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.

5.9

CVE-2018-5522

  • EPSS 0.68%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:59

On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash.

7.2

CVE-2018-5523

  • EPSS 0.42%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:59

On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as t...

5.3

CVE-2018-5524

  • EPSS 0.6%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:59

Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module (HSM) functionality are exposed and ...

4.3

CVE-2018-5525

  • EPSS 0.16%
  • Published 01.06.2018 14:29:00
  • Last modified 21.11.2024 04:08:59

A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 that exposes files containing F5-provided data only and do not include any configuration data, proxi...

7.8

CVE-2018-5512

  • EPSS 2.23%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:57

On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart.

7.5

CVE-2018-5514

  • EPSS 2.68%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.

6.3

CVE-2018-5515

  • EPSS 4.03%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event.