F5

Big-iq Centralized Management

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 87.99%
  • Veröffentlicht 07.12.2022 04:15:10
  • Zuletzt bearbeitet 21.11.2024 07:23:31

In all versions,  BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • EPSS 0.6%
  • Veröffentlicht 19.10.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:23:48

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iControl REST user can cause an increase in memory r...

  • EPSS 0.58%
  • Veröffentlicht 04.08.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:11:33

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ version 8.x before 8.2.0 and all versions of 7.x, an authenticated user's iControl REST token ma...

  • EPSS 0.65%
  • Veröffentlicht 04.08.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:10:18

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an authenticated attacker may cause iControl SOAP to...

  • EPSS 0.63%
  • Veröffentlicht 04.08.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:10:18

In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, ...

  • EPSS 0.85%
  • Veröffentlicht 05.05.2022 17:15:15
  • Zuletzt bearbeitet 21.11.2024 06:59:09

On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, when an IPv6 self IP address ...

  • EPSS 0.44%
  • Veröffentlicht 05.05.2022 17:15:11
  • Zuletzt bearbeitet 21.11.2024 06:53:46

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and...

  • EPSS 0.9%
  • Veröffentlicht 25.01.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:49

On BIG-IP version 16.1.x before 16.1.2.1, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, and BIG-IQ all versions of 8.x and 7.x, undisclosed requests by an authenticated iControl REST user can cause an increase i...

  • EPSS 1.11%
  • Veröffentlicht 25.01.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:47

On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a BIG-IQ managed BIG-IP device can access other BIG-IP devices managed by the same BIG-IQ system. Note: Software versions which have reached End of Techni...

Exploit
  • EPSS 23.06%
  • Veröffentlicht 11.11.2021 19:15:07
  • Zuletzt bearbeitet 22.08.2025 10:33:16

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ate...