CVE-2019-6635
- EPSS 0.38%
- Veröffentlicht 03.07.2019 19:15:13
- Zuletzt bearbeitet 21.11.2024 04:46:51
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, when the BIG-IP system is licensed for Appliance mode, a user with either the Administrator or the Resource Administrator role can bypass ...
CVE-2019-6638
- EPSS 1.99%
- Veröffentlicht 03.07.2019 19:15:13
- Zuletzt bearbeitet 21.11.2024 04:46:51
On BIG-IP 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, Malformed http requests made to an undisclosed iControl REST endpoint can lead to infinite loop of the restjavad process.
CVE-2019-6640
- EPSS 1.1%
- Veröffentlicht 03.07.2019 19:15:13
- Zuletzt bearbeitet 21.11.2024 04:46:51
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, SNMP exposes sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is inserted into...
CVE-2019-6641
- EPSS 2.05%
- Veröffentlicht 03.07.2019 19:15:13
- Zuletzt bearbeitet 21.11.2024 04:46:51
On BIG-IP 12.1.0-12.1.4.1, undisclosed requests can cause iControl REST processes to crash. The attack can only come from an authenticated user; all roles are capable of performing the attack. Unauthenticated users cannot perform this attack.
CVE-2019-6632
- EPSS 0.37%
- Veröffentlicht 03.07.2019 19:15:12
- Zuletzt bearbeitet 21.11.2024 04:46:50
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomnes...
CVE-2019-6623
- EPSS 2.53%
- Veröffentlicht 02.07.2019 22:15:09
- Zuletzt bearbeitet 21.11.2024 04:46:49
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, undisclosed traffic sent to BIG-IP iSession virtual server may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS).
CVE-2019-6620
- EPSS 1.84%
- Veröffentlicht 02.07.2019 21:15:11
- Zuletzt bearbeitet 21.11.2024 04:46:49
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4 and BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, an undisclosed iControl REST worker vulnerable to command injection for an Administrator user.
CVE-2019-6621
- EPSS 1.97%
- Veröffentlicht 02.07.2019 21:15:11
- Zuletzt bearbeitet 21.11.2024 04:46:49
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, 11.6.1-11.6.3.4, and 11.5.2-11.5.8 and BIG-IQ 7.0.0-7.1.0.2, 6.0.0-6.1.0, and 5.1.0-5.4.0, an undisclosed iControl REST worker is vulnerable to command injection by an admi...
CVE-2019-6622
- EPSS 1.84%
- Veröffentlicht 02.07.2019 21:15:11
- Zuletzt bearbeitet 21.11.2024 04:46:49
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4, an undisclosed iControl REST worker is vulnerable to command injection by an administrator or resource administrator user. This attack is only exploitabl...
CVE-2019-6624
- EPSS 1.32%
- Veröffentlicht 02.07.2019 21:15:11
- Zuletzt bearbeitet 21.11.2024 04:46:49
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, an undisclosed traffic pattern sent to a BIG-IP UDP virtual server may lead to a denial-of-service (DoS).