F5

Big-ip Edge Gateway

213 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-6662

  • EPSS 0.33%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.

5.5

CVE-2019-6663

  • EPSS 0.44%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Reb...

7.5

CVE-2019-6664

  • EPSS 0.58%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.

6.1

CVE-2019-6657

  • EPSS 0.47%
  • Published 01.11.2019 15:15:11
  • Last modified 21.11.2024 04:46:53

On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.

5.9

CVE-2019-6471

  • EPSS 1.64%
  • Published 09.10.2019 16:15:17
  • Last modified 21.11.2024 04:46:30

A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the ...

7.5

CVE-2018-5743

  • EPSS 1.5%
  • Published 09.10.2019 16:15:13
  • Last modified 21.11.2024 04:09:17

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the co...

7.5

CVE-2018-14880

  • EPSS 0.99%
  • Published 03.10.2019 16:15:12
  • Last modified 21.11.2024 03:49:59

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

7.5

CVE-2018-14468

  • EPSS 0.68%
  • Published 03.10.2019 16:15:11
  • Last modified 21.11.2024 03:49:08

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().

4.3

CVE-2019-6654

  • EPSS 0.13%
  • Published 25.09.2019 19:15:10
  • Last modified 21.11.2024 04:46:53

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC 1812 section 5.3.7) on the control plane (management interface). This may allow attackers on a...

5.3

CVE-2019-6651

  • EPSS 0.4%
  • Published 25.09.2019 18:15:13
  • Last modified 21.11.2024 04:46:53

In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.5.1-11.6.4, BIG-IQ 7.0.0, 6.0.0-6.1.0,5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, the Configuration utility login page may not follow best securi...