F5

Big-ip Edge Gateway

253 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2024-28889

  • EPSS 0.31%
  • Veröffentlicht 08.05.2024 15:15:09
  • Zuletzt bearbeitet 21.10.2025 19:28:04

When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Soft...

8

CVE-2024-31156

  • EPSS 0.95%
  • Veröffentlicht 08.05.2024 15:15:09
  • Zuletzt bearbeitet 21.10.2025 11:39:36

A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reached...

7.5

CVE-2024-25560

  • EPSS 0.36%
  • Veröffentlicht 08.05.2024 15:15:08
  • Zuletzt bearbeitet 21.10.2025 11:40:17

When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

4.7

CVE-2024-27202

  • EPSS 0.48%
  • Veröffentlicht 08.05.2024 15:15:08
  • Zuletzt bearbeitet 21.10.2025 19:28:16

A DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reac...

4.4

CVE-2023-45219

  • EPSS 0.11%
  • Veröffentlicht 10.10.2023 13:15:22
  • Zuletzt bearbeitet 21.11.2024 08:26:34

Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information.   Note: Software versions ...

7.5

CVE-2023-41085

  • EPSS 0.58%
  • Veröffentlicht 10.10.2023 13:15:21
  • Zuletzt bearbeitet 21.11.2024 08:20:32

When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

6.5

CVE-2023-41964

  • EPSS 0.2%
  • Veröffentlicht 10.10.2023 13:15:21
  • Zuletzt bearbeitet 21.11.2024 08:22:00

The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.2

CVE-2023-42768

  • EPSS 0.43%
  • Veröffentlicht 10.10.2023 13:15:21
  • Zuletzt bearbeitet 21.11.2024 08:23:07

When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have...

7.8

CVE-2023-43611

  • EPSS 0.11%
  • Veröffentlicht 10.10.2023 13:15:21
  • Zuletzt bearbeitet 21.11.2024 08:24:27

The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process.  This vulnerability is due to an incomplete fix for CVE-2023-38418.  Note: Software versions which have reached End of...

7.5

CVE-2023-40534

  • EPSS 0.57%
  • Veröffentlicht 10.10.2023 13:15:20
  • Zuletzt bearbeitet 21.11.2024 08:19:40

When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to termina...