F5 Networks BIG-IP : BIG-IP SNMPD vulnerability (K12139752)

Under certain conditions, the snmpd process may leak memory on a multi-blade BIG-IP Virtual Clustered Multiprocessing vCMP guest when processing authorized SNMP requests. CVE-2019-6608 Impact Over time, the snmpd process consumes excessive memory, forcing the BIG-IP system to slow down and...

CVE-2019-6601

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

Design/Logic Flaw

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

CVE-2019-6601

CVE-2019-6601 affects BIG-IP AAM: the wamd process fails to drop group permissions when running helper scripts for image/PDF processing. Affected: BIG-IP AAM across versions 11.5.1–11.5.8, 11.6.1–11.6.3.2, 12.1.0–12.1.3.7, and 13.0.0. Root cause: insufficient permission dropping in wamd. Impact: ...

CVE-2019-6601

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

PT-2019-18183 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 11.5.1 through 11.5.8 BIG-IP versions 11.6.1 through 11.6.3.2 BIG-IP versions 12.1.0 through 12.1.3.7 BIG-IP version 13.0.0 Description: The Application Acceleration Manager AAM wamd process in BIG-IP fails to drop group...

F5 Networks BIG-IP : SSL forward proxy vulnerability (K64552448)

Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic. CVE-2018-5534 Impact This vulnerability may allow a remote attacker to cause the Traffic Management Microkernel TMM to produc...

Multiple F5 Products Arbitrary File Write Vulnerability

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A security vulnerability exists in several F5 products. An attacker can exploit the vulnerability to perform a write operation to an arbitrary fi...

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-10109)

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. Security vulnerabilities exist in several F5 products. An attacker could exploit this vulnerability by sending malformed TCP packets to cause a...

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-09413)

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A security vulnerability exists in several F5 products. An attacker could exploit the vulnerability to cause a denial of service...

F5 BIG-IP Denial of Service Vulnerability (CNVD-2018-06872)

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A security vulnerability exists in several F5 products. An attacker could exploit the vulnerability to cause the TMM to crash and cause it to...

F5 BIG-IP Denial of Service Vulnerability (CNVD-2018-06868)

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. There are security vulnerabilities in several F5 products. An attacker can exploit this vulnerability with maliciously crafted client credentials...

Competitive condition vulnerability for multiple F5 products

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A competitive conditions vulnerability exists in several F5 products. An attacker could exploit the vulnerability to execute commands with...

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-01166)

BIG-IP LTM is a product of F5 Corporation of the U.S. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A denial of service vulnerability exists in multiple F5 products. An attacker can exploit this vulnerability by sending an HTTP request to cause a...

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-01167)

BIG-IP LTM is a product of F5 Corporation of the U.S. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A denial of service vulnerability exists in multiple F5 products. An attacker can exploit this vulnerability by sending packets to cause a denial of...

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-01164)

BIG-IP LTM is a product of F5 Corporation of the U.S. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A denial of service vulnerability exists in multiple F5 products. An attacker could exploit this vulnerability to cause a denial of service BIG-IP...

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-01149)

BIG-IP LTM is a product of F5 Corporation of the U.S. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A denial of service vulnerability exists in multiple F5 products. An attacker can exploit this vulnerability by sending a malicious request to cause a...

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2017-37740)

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A denial of service vulnerability exists in multiple F5 products. An attacker could exploit this vulnerability to create a core file that...

F5 Networks BIG-IP : Linux kernel vulnerability (K81211720)

The tcpspliceread function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service infinite loop and soft lockup via vectors involving a TCP packet with the URG flag. CVE-2017-6214 C Tenable Network Security, Inc. The descriptive text and package...

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2017-35198)

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. Denial of service vulnerability in multiple F5 products. An attacker can exploit this vulnerability to cause a denial of service...