CVE-2018-5504
- EPSS 4.53%
- Veröffentlicht 22.03.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:56
In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG...
CVE-2017-6161
- EPSS 0.97%
- Veröffentlicht 27.10.2017 14:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks ma...
CVE-2017-6145
- EPSS 1.05%
- Veröffentlicht 20.10.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.0.0 through 12.1.2 and 13.0.0 includes a service to convert authorization BIGIPAuthCookie cookies to X-F5-Auth-Token tokens. This service does no...
CVE-2017-6165
- EPSS 1.93%
- Veröffentlicht 20.10.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External...
CVE-2017-6147
- EPSS 1.33%
- Veröffentlicht 18.09.2017 17:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.1.2-HF1 and 13.0.0, an undisclosed type of responses may cause TMM to restart, causing an interruption of service when "SSL Forward Proxy" setting is enabled i...
CVE-2016-7469
- EPSS 0.95%
- Veröffentlicht 09.06.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 1...
CVE-2017-6131
- EPSS 1.14%
- Veröffentlicht 23.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure in...
CVE-2016-9250
- EPSS 0.9%
- Veröffentlicht 10.05.2017 14:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.
CVE-2016-9251
- EPSS 1.51%
- Veröffentlicht 09.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection.
CVE-2016-9253
- EPSS 1.34%
- Veröffentlicht 09.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile.