F5

Big-ip Application Security Manager

492 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-5530

  • EPSS 0.75%
  • Published 25.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:00

F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb".

7.4

CVE-2018-5531

  • EPSS 0.18%
  • Published 25.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:00

Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (lay...

5.3

CVE-2018-5537

  • EPSS 0.69%
  • Published 25.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:01

A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some special...

7.5

CVE-2018-5539

  • EPSS 0.75%
  • Published 25.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:01

Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file.

7.8

CVE-2018-5541

  • EPSS 0.59%
  • Published 25.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:02

When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process.

8.1

CVE-2018-5542

  • EPSS 0.84%
  • Published 25.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:02

F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server.

5.3

CVE-2018-5532

  • EPSS 0.39%
  • Published 19.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:00

On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 a domain name cached within the DNS Cache of TMM may continue to be resolved by the cache even after the parent server revokes the record, if the DNS Cache is receiving a stream of...

7.5

CVE-2018-5533

  • EPSS 0.75%
  • Published 19.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:00

Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.

7.5

CVE-2018-5534

  • EPSS 0.75%
  • Published 19.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:00

Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.

7.5

CVE-2018-5535

  • EPSS 1.31%
  • Published 19.07.2018 14:29:00
  • Last modified 21.11.2024 04:09:01

On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causi...