F5

Big-ip Ssl Orchestrator

107 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.9

CVE-2025-21087

  • EPSS 0.34%
  • Veröffentlicht 05.02.2025 18:15:30
  • Zuletzt bearbeitet 21.10.2025 11:40:40

When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. Note: Software versions which have reached End of T...

8.7

CVE-2025-21091

  • EPSS 0.34%
  • Veröffentlicht 05.02.2025 18:15:30
  • Zuletzt bearbeitet 21.10.2025 11:40:28

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

8.8

CVE-2025-20029

  • EPSS 48.96%
  • Veröffentlicht 05.02.2025 18:15:29
  • Zuletzt bearbeitet 21.10.2025 11:41:21

Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command, which may allow an authenticated attacker to execute arbitrary system commands. Note: Software versions which have reached End of Technical Suppor...

8.7

CVE-2025-20045

  • EPSS 0.4%
  • Veröffentlicht 05.02.2025 18:15:29
  • Zuletzt bearbeitet 21.10.2025 11:41:11

When SIP session Application Level Gateway mode (ALG) profile with Passthru Mode enabled and SIP router ALG profile are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to ter...

8.9

CVE-2025-20058

  • EPSS 0.34%
  • Veröffentlicht 05.02.2025 18:15:29
  • Zuletzt bearbeitet 21.10.2025 11:40:49

When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

8.6

CVE-2024-45844

Exploit
  • EPSS 0.04%
  • Veröffentlicht 16.10.2024 15:15:16
  • Zuletzt bearbeitet 21.10.2025 11:43:40

BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5

CVE-2024-41164

  • EPSS 0.67%
  • Veröffentlicht 14.08.2024 15:15:27
  • Zuletzt bearbeitet 19.08.2024 18:39:06

When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical...

4.3

CVE-2024-41723

  • EPSS 0.35%
  • Veröffentlicht 14.08.2024 15:15:27
  • Zuletzt bearbeitet 20.08.2024 19:26:24

Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5

CVE-2024-41727

  • EPSS 0.49%
  • Veröffentlicht 14.08.2024 15:15:27
  • Zuletzt bearbeitet 20.08.2024 19:25:12

In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization.   Note: Software versions which have reached End of ...

7.5

CVE-2024-39778

  • EPSS 0.57%
  • Veröffentlicht 14.08.2024 15:15:26
  • Zuletzt bearbeitet 19.08.2024 16:20:52

When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.