F5

Big-ip Application Security Manager

537 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.7

CVE-2022-41800

  • EPSS 92.7%
  • Veröffentlicht 07.12.2022 04:15:10
  • Zuletzt bearbeitet 21.11.2024 07:23:52

In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the a...

7.5

CVE-2022-41832

  • EPSS 0.68%
  • Veröffentlicht 19.10.2022 22:15:13
  • Zuletzt bearbeitet 21.11.2024 07:23:53

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when a SIP profile is configured on a virtual server, undisclosed messages can cause an increase in memory ...

7.5

CVE-2022-41833

  • EPSS 0.95%
  • Veröffentlicht 19.10.2022 22:15:13
  • Zuletzt bearbeitet 21.11.2024 07:23:54

In all BIG-IP 13.1.x versions, when an iRule containing the HTTP::collect command is configured on a virtual server, undisclosed requests can cause Traffic Management Microkernel (TMM) to terminate.

7.5

CVE-2022-41836

  • EPSS 0.68%
  • Veröffentlicht 19.10.2022 22:15:13
  • Zuletzt bearbeitet 21.11.2024 07:23:54

When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.

3.7

CVE-2022-41983

  • EPSS 0.2%
  • Veröffentlicht 19.10.2022 22:15:13
  • Zuletzt bearbeitet 21.11.2024 07:24:12

On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT (QuickAssist Technology) and the AES-GCM/CCM cipher is in use, undisclosed conditions...

7.2

CVE-2022-41617

  • EPSS 6.34%
  • Veröffentlicht 19.10.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:23:30

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, When the Advanced WAF / ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST...

7.5

CVE-2022-41624

  • EPSS 0.65%
  • Veröffentlicht 19.10.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:23:31

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1.x before 15.1.7, 14.1.x before 14.1.5.2, and 13.1.x before 13.1.5.1, when a sideband iRule is configured on a virtual server, undisclosed traffic can cause an increase in memory ...

7.5

CVE-2022-41691

  • EPSS 0.94%
  • Veröffentlicht 19.10.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:23:39

When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.

4.9

CVE-2022-41694

  • EPSS 0.65%
  • Veröffentlicht 19.10.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:23:39

In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed i...

6.5

CVE-2022-41770

  • EPSS 0.95%
  • Veröffentlicht 19.10.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:23:48

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iControl REST user can cause an increase in memory r...