CVE-2023-28406
- EPSS 1.19%
- Veröffentlicht 03.05.2023 15:15:12
- Zuletzt bearbeitet 21.11.2024 07:55:00
A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which may allow an authenticated attacker to read files with .xml extension. Access to restricted information is limited and the attacker does not c...
CVE-2023-23552
- EPSS 1.55%
- Veröffentlicht 01.02.2023 18:15:11
- Zuletzt bearbeitet 21.11.2024 07:46:24
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.0 before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server, undisclosed requests can...
CVE-2022-41836
- EPSS 0.62%
- Veröffentlicht 19.10.2022 22:15:13
- Zuletzt bearbeitet 21.11.2024 07:23:54
When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
CVE-2022-41983
- EPSS 0.25%
- Veröffentlicht 19.10.2022 22:15:13
- Zuletzt bearbeitet 21.11.2024 07:24:12
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT (QuickAssist Technology) and the AES-GCM/CCM cipher is in use, undisclosed conditions...
CVE-2022-41617
- EPSS 1.1%
- Veröffentlicht 19.10.2022 22:15:12
- Zuletzt bearbeitet 21.11.2024 07:23:30
In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, When the Advanced WAF / ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST...
CVE-2022-41691
- EPSS 0.62%
- Veröffentlicht 19.10.2022 22:15:12
- Zuletzt bearbeitet 21.11.2024 07:23:39
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
CVE-2022-29491
- EPSS 0.87%
- Veröffentlicht 05.05.2022 17:15:15
- Zuletzt bearbeitet 21.11.2024 06:59:10
On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on o...
CVE-2022-27806
- EPSS 1.45%
- Veröffentlicht 05.05.2022 17:15:13
- Zuletzt bearbeitet 21.11.2024 06:56:13
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker assigned the A...
CVE-2022-26890
- EPSS 0.87%
- Veröffentlicht 05.05.2022 17:15:12
- Zuletzt bearbeitet 21.11.2024 06:54:44
On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions prior to 16.1.2.1, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when ASM or Advanced WAF, as well as APM, are configured on a virtual ...
CVE-2022-25946
- EPSS 0.38%
- Veröffentlicht 05.05.2022 17:15:11
- Zuletzt bearbeitet 21.11.2024 06:53:15
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker with Administr...