CVE-2016-9256
- EPSS 1.04%
- Veröffentlicht 09.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This i...
CVE-2017-6137
- EPSS 1.09%
- Veröffentlicht 09.05.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN co...
CVE-2016-9252
- EPSS 1.78%
- Veröffentlicht 27.03.2017 18:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) thro...
CVE-2016-7474
- EPSS 0.36%
- Veröffentlicht 27.03.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.
CVE-2016-9245
- EPSS 1.38%
- Veröffentlicht 07.03.2017 21:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default ...
CVE-2016-6249
- EPSS 0.33%
- Veröffentlicht 20.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by r...
CVE-2016-9249
- EPSS 2.01%
- Veröffentlicht 31.01.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS).
CVE-2016-9247
- EPSS 1.89%
- Veröffentlicht 10.01.2017 16:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel (TMM) to restart.
CVE-2016-5024
- EPSS 1.84%
- Veröffentlicht 03.01.2017 21:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted ne...
CVE-2016-6876
- EPSS 1.58%
- Veröffentlicht 07.09.2016 19:28:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, ...