CVE-2021-23013
- EPSS 0.86%
- Veröffentlicht 10.05.2021 14:15:07
- Zuletzt bearbeitet 21.11.2024 05:51:09
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, the Traffic Management Microkernel (TMM) may stop responding when processing Stream Control Transmission Protoc...
CVE-2021-23007
- EPSS 1.58%
- Veröffentlicht 31.03.2021 18:15:15
- Zuletzt bearbeitet 21.11.2024 05:51:08
On BIG-IP versions 14.1.4 and 16.0.1.1, when the Traffic Management Microkernel (TMM) process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic. Note: Software versions which have reached End of Software Development...
CVE-2021-22977
- EPSS 1.02%
- Veröffentlicht 12.02.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:51:03
On BIG-IP version 16.0.0-16.0.1 and 14.1.2.4-14.1.3, cooperation between malicious HTTP client code and a malicious server may cause TMM to restart and generate a core file. Note: Software versions which have reached End of Software Development (EoSD...
CVE-2021-22978
- EPSS 0.79%
- Veröffentlicht 12.02.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:51:03
On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all 12.1.x and 11.6.x versions, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete ...
CVE-2021-22979
- EPSS 0.58%
- Veröffentlicht 12.02.2021 18:15:12
- Zuletzt bearbeitet 21.11.2024 05:51:03
On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration util...
CVE-2021-22981
- EPSS 0.54%
- Veröffentlicht 12.02.2021 18:15:12
- Zuletzt bearbeitet 21.11.2024 05:51:03
On all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation that is mitigated by the Extended Master Secret (EMS) extension defined in RFC 7627. TLS connections that do not use EMS are v...
CVE-2021-22974
- EPSS 0.81%
- Veröffentlicht 12.02.2021 17:15:14
- Zuletzt bearbeitet 21.11.2024 05:51:02
On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6 and all versions of BIG-IQ 7.x and 6.x, an authenticated attacker with access to iControl REST over the control plane may be able to ta...
CVE-2021-22975
- EPSS 0.93%
- Veröffentlicht 12.02.2021 17:15:14
- Zuletzt bearbeitet 21.11.2024 05:51:03
On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, and 14.1.x before 14.1.3.1, under some circumstances, Traffic Management Microkernel (TMM) may restart on the BIG-IP system while passing large bursts of traffic. Note: Software versio...
CVE-2020-5949
- EPSS 1.03%
- Veröffentlicht 11.12.2020 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:34:53
On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.
CVE-2020-5939
- EPSS 1%
- Veröffentlicht 05.11.2020 20:15:17
- Zuletzt bearbeitet 21.11.2024 05:34:52
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition (VE) systems on VMware, with an Intel-based 85299 Network Interface Controller (NIC) card and Single Root I/O Virtualization (...