F5

Big-ip Webaccelerator

217 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2019-6471

  • EPSS 1.64%
  • Published 09.10.2019 16:15:17
  • Last modified 21.11.2024 04:46:30

A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the ...

7.5

CVE-2018-5743

  • EPSS 1.5%
  • Published 09.10.2019 16:15:13
  • Last modified 21.11.2024 04:09:17

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the co...

7.5

CVE-2018-14880

  • EPSS 0.99%
  • Published 03.10.2019 16:15:12
  • Last modified 21.11.2024 03:49:59

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

7.5

CVE-2018-14468

  • EPSS 0.68%
  • Published 03.10.2019 16:15:11
  • Last modified 21.11.2024 03:49:08

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().

4.3

CVE-2019-6654

  • EPSS 0.13%
  • Published 25.09.2019 19:15:10
  • Last modified 21.11.2024 04:46:53

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC 1812 section 5.3.7) on the control plane (management interface). This may allow attackers on a...

5.3

CVE-2019-6651

  • EPSS 0.4%
  • Published 25.09.2019 18:15:13
  • Last modified 21.11.2024 04:46:53

In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.5.1-11.6.4, BIG-IQ 7.0.0, 6.0.0-6.1.0,5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, the Configuration utility login page may not follow best securi...

9.1

CVE-2019-6649

  • EPSS 0.52%
  • Published 20.09.2019 20:15:11
  • Last modified 21.11.2024 04:46:52

F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-defa...

7.5

CVE-2019-6643

  • EPSS 0.58%
  • Published 04.09.2019 18:15:11
  • Last modified 21.11.2024 04:46:52

On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the TMM pr...

8.8

CVE-2019-6646

  • EPSS 0.42%
  • Published 04.09.2019 18:15:11
  • Last modified 21.11.2024 04:46:52

On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges.

9.4

CVE-2019-6644

  • EPSS 0.79%
  • Published 04.09.2019 17:15:11
  • Last modified 21.11.2024 04:46:52

Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized user...