F5

Big-ip Application Acceleration Manager

444 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2014-6031

  • EPSS 0.47%
  • Veröffentlicht 08.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1...

9.8

CVE-2017-6131

  • EPSS 0.78%
  • Veröffentlicht 23.05.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure in...

7.5

CVE-2016-7476

  • EPSS 1.2%
  • Veröffentlicht 11.05.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling ...

7.5

CVE-2016-9250

  • EPSS 0.61%
  • Veröffentlicht 10.05.2017 14:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.

8.8

CVE-2016-9251

  • EPSS 0.45%
  • Veröffentlicht 09.05.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection.

7.5

CVE-2016-9253

  • EPSS 0.78%
  • Veröffentlicht 09.05.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile.

7.5

CVE-2016-9256

  • EPSS 0.23%
  • Veröffentlicht 09.05.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This i...

5.9

CVE-2017-6137

  • EPSS 0.7%
  • Veröffentlicht 09.05.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN co...

7.5

CVE-2017-6128

  • EPSS 0.93%
  • Veröffentlicht 01.05.2017 15:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.

7.5

CVE-2016-9252

  • EPSS 1.2%
  • Veröffentlicht 27.03.2017 18:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) thro...