F5

Big-ip Webaccelerator

217 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-6667

  • EPSS 0.89%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX (Financial Informa...

7.5

CVE-2019-6669

  • EPSS 0.89%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, undisclosed traffic flow may cause TMM to restart under some circumstances.

4.4

CVE-2019-6670

  • EPSS 0.1%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem.

7.5

CVE-2019-6671

  • EPSS 0.89%
  • Published 27.11.2019 22:15:11
  • Last modified 21.11.2024 04:46:55

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, under certain conditions tmm may leak memory when processing packet fragments, leading to resource starvation.

7.5

CVE-2019-6659

  • EPSS 0.9%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.

7.5

CVE-2019-6660

  • EPSS 0.89%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.

6.5

CVE-2019-6662

  • EPSS 0.33%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.

5.5

CVE-2019-6663

  • EPSS 0.44%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Reb...

7.5

CVE-2019-6664

  • EPSS 0.58%
  • Published 15.11.2019 21:15:11
  • Last modified 21.11.2024 04:46:54

On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.

6.1

CVE-2019-6657

  • EPSS 0.47%
  • Published 01.11.2019 15:15:11
  • Last modified 21.11.2024 04:46:53

On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.