121 matches found
CVE-2019-6654
On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering As defined in RFC 1812 section 5.3.7 on the control plane management interface. This may allow attackers on an adjacent system to force BIG-IP into processing...
CVE-2019-6633
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4, when the BIG-IP system is licensed with Appliance mode, user accounts with Administrator and Resource Administrator roles can bypass Appliance mode restrictions...
CVE-2019-6637
On BIG-IP ASM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, Application logic abuse of ASM REST endpoints can lead to instability of BIG-IP system. Exploitation of this issue causes excessive memory consumption which results in the Linux kernel triggering OOM killer on...
CVE-2025-35995
When a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of...
K000140937: BIG-IP SIP ALG profile vulnerability CVE-2025-41433
Security Advisory Description When a Session Initiation Protocol SIP message routing framework MRF application layer gateway ALG profile is configured on a Message Routing virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-41433 Impact...
K000140968: BIG-IP HTTP/2 vulnerability CVE-2025-41414
Security Advisory Description When HTTP/2 client and server profiles are simultaneously configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-41414 Impact Traffic is disrupted while the TMM process restarts. This vulnerability...
K000149915: zlib vulnerability CVE-2016-9841
Security Advisory Description inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. CVE-2016-9841 Impact This vulnerability may allow an attacker to cause a denial-of-service DoS on the BIG-IP or BIG-IQ system. Securi...
K000149905: zlib vulnerability CVE-2016-9840
Security Advisory Description inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. CVE-2016-9840 Impact This vulnerability may allow an attacker to cause a denial-of-service DoS on the BIG-IP or BIG-IQ system...
K000140933: BIG-IP SNMP vulnerability CVE-2025-21091
Security Advisory Description When SNMP v1 or v2c are disabled on the BIG-IP system, undisclosed requests can cause an increase in memory resource utilization. CVE-2025-21091 Impact System performance can degrade until the snmpd process is either forced to restart or is manually restarted. This...
K000138757: BIG-IP iControl REST vulnerability CVE-2025-23239
Security Advisory Description When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. CVE-2025-23239...
F5 BIG-IP 资源管理错误漏洞
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. An uncontrolled resource consumption vulnerability exists in F5 BIG-IP, which can be exploited by an attacker to cause a denia...
K000149130: c-ares vulnerability CVE-2017-1000381
Security Advisory Description The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. CVE-2017-1000381 Impact An authenticated...
CVE-2024-39778
CVE-2024-39778 affects BIG-IP platforms with High-Speed Bridge (HSB) where a stateless virtual server can be abused by undisclosed requests to cause TMM termination, causing DoS. Concrete details from connected sources show affected tracks per F5 advisories: BIG-IP Next (all modules) vulnerable; ...
CVE-2024-23976
When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
Authentication flaw
When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
K000135873: BIG-IP Websockets vulnerability CVE-2024-21849
Security Advisory Description When an Advanced WAF/ASM security policy and a Websockets profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM process to terminate. CVE-2024-21849 Impact Traffic is disrupted while the TMM process restarts...
CVE-2023-46747
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support EoTS...
CVE-2023-46747
CVE-2023-46747 is an unauthenticated remote code execution flaw in F5 BIG-IP TMUI (management port/self IP). Public linked PoCs/exploits demonstrate unauthenticated RCE by targeting TMUI to create or leverage a user/token flow and execute commands on vulnerable devices; CVSS v3.1 = 9.8 (CRITICAL)...
CVE-2023-43746
When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which...
CVE-2023-43746
When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which...