F5

Big-ip Global Traffic Manager

410 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2018-5512

  • EPSS 2.23%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:57

On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart.

7.5

CVE-2018-5514

  • EPSS 2.68%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.

6.3

CVE-2018-5515

  • EPSS 4.03%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event.

4.7

CVE-2018-5516

  • EPSS 0.12%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (...

7.5

CVE-2018-5517

  • EPSS 0.75%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self ...

5.4

CVE-2018-5518

  • EPSS 0.11%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjace...

5.5

CVE-2018-5519

  • EPSS 0.2%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access (for example, any ...

4.4

CVE-2018-5520

  • EPSS 0.2%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:59

On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources.

6.4

CVE-2017-6156

  • EPSS 0.39%
  • Published 13.04.2018 13:29:00
  • Last modified 21.11.2024 03:29:09

When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations....

6.5

CVE-2017-6158

  • EPSS 0.61%
  • Published 13.04.2018 13:29:00
  • Last modified 21.11.2024 03:29:09

In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.