16 matches found
CVE-2026-40423
CVE-2026-40423 affects BIG-IP SIP profile on a virtual server. Undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate, disrupting traffic and allowing a remote, unauthenticated attacker to trigger a DoS. Impact is shown as HIGH (CVSS v3.1: 7.5) and HIGH (CVSS v4.0: 8....
EUVD-2025-34646
When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
F5 BIG-IP APM 安全漏洞
F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A security vulnerability exists in F5 BIG-IP APM that stems from a PingAccess configuration that causes TMM to terminate...
F5 BIG-IP 输入验证错误漏洞
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. F5 BIG-IP suffers from an input validation error vulnerability that stems from an undisclosed input that could cause the Traffic Management...
F5 BIG-IP 信任管理问题漏洞
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A certificate validation error vulnerability exists in F5 BIG-IP Traffic Intelligence Feeds, which can be exploited by...
F5 BIG-IP多款产品命令注入漏洞
F5 BIG-IP and so on are products of F5 Corporation in the U.S.A. F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, etc. F5 BIG-IP ASM is a Web Application Firewall WAF, and F5 Big-Ip Advanced Waf is an Advanc...
F5 BIG-IP APM Denial of Service Vulnerability (CNVD-2021-04826)
F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A security vulnerability exists in F5 BIG-IP APM, which can be exploited by an attacker who can trigger a fatal error to trigger a denial via...
CVE-2020-27725
In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this...
F5 BIG-IP APM 安全漏洞
F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A security vulnerability exists in F5 BIG-IP APM, which can be exploited by an attacker to trigger a denial of service by pinging access to F5...
Critical RCE Flaw Affects F5 BIG-IP Application Security Servers
Cybersecurity researchers today issued a security advisory warning enterprises and governments across the globe to immediately patch a highly-critical remote code execution vulnerability affecting F5's BIG-IP networking devices running application security servers. The vulnerability, assigned...
Multiple F5 Product Access Privilege Vulnerabilities
F5 BIG-IP LTM and so on are products of F5 Corporation in the U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. iControl REST is one of the stateful display transport interfaces. A security vulnerability exists in iControl REST in several F5...
Multiple F5 BIG-IP and BIG-IQ Products Information Disclosure Vulnerabilities
F5 BIG-IP LTM and others are products of F5 USA.LTM is a local traffic manager; BIG-IQ is a software-based cloud management solution. The solution supports the deployment of application delivery and network services across public and private clouds, traditional data centers and hybrid...
SOL16946 - Boost memory allocator vulnerability CVE-2012-2677
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16871 - logrotate vulnerability CVE-2011-1155
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16396 - GnuPG vulnerability CVE-2013-4576
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL14316 - BIND vulnerability CVE-2012-3817
Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS...