F5

Big-ip Protocol Security Module

61 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-9250

  • EPSS 0.61%
  • Published 10.05.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.

7.5

CVE-2017-6128

  • EPSS 0.93%
  • Published 01.05.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.

7.5

CVE-2016-9252

  • EPSS 1.2%
  • Published 27.03.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) thro...

5.5

CVE-2016-7474

  • EPSS 0.11%
  • Published 27.03.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.

5.9

CVE-2016-7468

  • EPSS 0.92%
  • Published 23.03.2017 14:59:00
  • Last modified 20.04.2025 01:37:25

An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpp...

7.5

CVE-2016-9244

  • EPSS 73.65%
  • Published 09.02.2017 15:59:01
  • Last modified 20.04.2025 01:37:25

A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL...

7.5

CVE-2016-6876

  • EPSS 0.75%
  • Published 07.09.2016 19:28:17
  • Last modified 12.04.2025 10:46:40

The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, ...

9.8

CVE-2016-5022

  • EPSS 2.43%
  • Published 07.09.2016 19:28:02
  • Last modified 12.04.2025 10:46:40

F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x befor...

7.5

CVE-2016-5023

  • EPSS 2.36%
  • Published 26.08.2016 14:59:01
  • Last modified 12.04.2025 10:46:40

Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Manage...

4.9

CVE-2016-1497

  • EPSS 0.23%
  • Published 26.08.2016 14:59:00
  • Last modified 12.04.2025 10:46:40

The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manag...