F5

Big-ip Application Security Manager

492 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2018-5512

  • EPSS 2.23%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:57

On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart.

7.5

CVE-2018-5514

  • EPSS 2.68%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.

6.3

CVE-2018-5515

  • EPSS 4.03%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event.

4.7

CVE-2018-5516

  • EPSS 0.12%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (...

7.5

CVE-2018-5517

  • EPSS 0.75%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self ...

5.4

CVE-2018-5518

  • EPSS 0.11%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjace...

5.5

CVE-2018-5519

  • EPSS 0.2%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:58

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access (for example, any ...

4.4

CVE-2018-5520

  • EPSS 0.2%
  • Published 02.05.2018 13:29:00
  • Last modified 21.11.2024 04:08:59

On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources.

5.8

CVE-2017-6143

  • EPSS 0.11%
  • Published 13.04.2018 13:29:00
  • Last modified 21.11.2024 03:29:08

X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server's identity is not properly validated in F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.2, or 11.5...

7.5

CVE-2017-6148

  • EPSS 0.65%
  • Published 13.04.2018 13:29:00
  • Last modified 21.11.2024 03:29:08

Responses to SOCKS proxy requests made through F5 BIG-IP version 13.0.0, 12.0.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5 may cause a disruption of services provided by TMM. The data plane is impacted and exposed only when a SOCKS proxy profile is at...