606 matches found

NVD
added 2020/04/30 9:15 p.m. | 39 views

CVE-2020-5885

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only o...

CVSS 9.1 | AI score 9.3 | EPSS 0.00809
Exploits: 0 | References: 1

NVD
added 2020/04/30 9:15 p.m. | 32 views

CVE-2020-5886

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a High Availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only o...

CVSS 9.1 | AI score 9.4 | EPSS 0.00809
Exploits: 0 | References: 1

OSV
added 2020/04/30 9:15 p.m. | 4 views

CVE-2020-5885

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only o...

CVSS 9.1 | AI score 5.8 | EPSS 0.00809
Exploits: 0 | References: 1

CVE
added 2020/04/30 8:34 p.m. | 91 views

CVE-2020-5884

CVE-2020-5884 affects BIG-IP high availability (HA) state/connection mirroring. The advisory lists vulnerable branches and versions: 15.0.0–15.1.0.3, 14.1.0–14.1.2.4, 13.1.0–13.1.3.3, 12.1.0–12.1.5.1, and 11.6.1–11.6.5.1. The issue is a control plane weakness in the default mirroring deployment m...

CVSS 9.1 | AI score 9.1 | EPSS 0.01497
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2020/04/30 12:00 a.m. | 26 views

F5 Networks BIG-IP : BIG-IP APM virtual server vulnerability (K46901953)

In certain circumstances, an attacker sending specifically crafted requests to a BIG-IP APM virtual server may cause a disruption of service provided by the Traffic Management Microkernel (TMM). (CVE-2020-5874) Impact: An attacker may be able to perform a denial-of-service (DoS) attack on a BIG-IP system ...

CVSS 7.5 | AI score 7.3 | EPSS 0.01276
Exploits: 0 | References: 2

Tenable Nessus
added 2020/04/30 12:00 a.m. | 29 views

F5 Networks BIG-IP : BIG-IP SSL state mirroring vulnerability (K65720640)

BIG-IP systems set up for connection mirroring in a High Availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring. (CVE-2020-5886) Impact: On-path attackers m...

CVSS 9.1 | AI score 8.2 | EPSS 0.00809
Exploits: 0 | References: 2

Tenable Nessus
added 2020/04/30 12:00 a.m. | 30 views

F5 Networks BIG-IP : BIG-IP SSL state mirroring vulnerability (K17663061)

BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring. (CVE-2020-5885) Impact: On-path attackers ma...

CVSS 9.1 | AI score 8.2 | EPSS 0.00809
Exploits: 0 | References: 2

Tenable Nessus
added 2019/12/31 12:00 a.m. | 40 views

F5 Networks BIG-IP : TLS 1.3 vulnerability (K34450231)

BIG-IP virtual servers with TLS 1.3 enabled may experience a denial-of-service (DoS) due to undisclosed incoming messages. (CVE-2019-6659) Impact: BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator: Undisclosed messages sent to a TLS 1.3-enabled...

CVSS 7.5 | AI score 7.4 | EPSS 0.01202
Exploits: 0 | References: 2

OSV
added 2019/09/25 7:15 p.m. | 2 views

CVE-2019-6654

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (as defined in RFC 1812 section 5.3.7) on the control plane management interface. This may allow attackers on an adjacent system to force BIG-IP into processing...

CVSS 4.3 | AI score 5.8 | EPSS 0.00476
Exploits: 0 | References: 1

NVD
added 2019/09/25 7:15 p.m. | 29 views

CVE-2019-6654

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (as defined in RFC 1812 section 5.3.7) on the control plane management interface. This may allow attackers on an adjacent system to force BIG-IP into processing...

CVSS 4.3 | AI score 4.6 | EPSS 0.00476
Exploits: 0 | References: 1

Prion
added 2019/09/25 7:15 p.m. | 21 views

Design/Logic Flaw

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (as defined in RFC 1812 section 5.3.7) on the control plane management interface. This may allow attackers on an adjacent system to force BIG-IP into processing...

CVSS 3.3 | AI score 4.6 | EPSS 0.00476
Exploits: 0 | References: 1 | Affected Software: 13

Cvelist
added 2019/09/25 6:57 p.m. | 24 views

CVE-2019-6654

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (as defined in RFC 1812 section 5.3.7) on the control plane management interface. This may allow attackers on an adjacent system to force BIG-IP into processing...

AI score 4.6 | EPSS 0.00476
Exploits: 0 | References: 1

Cisco
added 2019/09/25 4:00 p.m. | 102 views

Cisco Catalyst 4000 Series Switches TCP Denial of Service Vulnerability

A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when...

CVSS 8.6 | AI score 1.3 | EPSS 0.02708
Exploits: 0 | References: 1

OSV
added 2019/09/04 5:15 p.m. | 4 views

CVE-2019-6647

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, when processing authentication attempts for control-plane users, MCPD leaks a small amount of memory. Under rare conditions attackers with access to the management interface could eventually deplete memory o...

CVSS 5.3 | AI score 6.1 | EPSS 0.01361
Exploits: 0 | References: 1

Cvelist
added 2019/09/04 4:17 p.m. | 40 views

CVE-2019-6647

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, when processing authentication attempts for control-plane users, MCPD leaks a small amount of memory. Under rare conditions attackers with access to the management interface could eventually deplete memory o...

AI score 5.3 | EPSS 0.01361
Exploits: 0 | References: 1

CVE
added 2019/09/04 4:17 p.m. | 121 views

CVE-2019-6647

CVE-2019-6647 affects F5 BIG-IP MCPD: when processing authentication attempts for control-plane users, MCPD leaks memory, potentially leading to memory exhaustion and failover in affected releases. Affects BIG-IP versions 11.x–14.x (various sub-releases per vendor advisories). According to the ad...

CVSS 5.3 | AI score 5.3 | EPSS 0.01361
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2019/07/03 7:15 p.m. | 25 views

CVE-2019-6639

On BIG-IP AFM, PEM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting (XSS) issue. This is a control plane issue only and is not...

CVSS 4.8 | AI score 4.9 | EPSS 0.00677
Exploits: 0 | References: 2

OSV
added 2019/07/03 7:15 p.m. | 3 views

CVE-2019-6639

On BIG-IP AFM, PEM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting (XSS) issue. This is a control plane issue only and is not...

CVSS 4.8 | AI score 5.7 | EPSS 0.00677
Exploits: 0 | References: 2

Prion
added 2019/07/03 7:15 p.m. | 18 views

Cross site scripting

On BIG-IP AFM, PEM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting (XSS) issue. This is a control plane issue only and is not...

CVSS 3.5 | AI score 4.8 | EPSS 0.00677
Exploits: 0 | References: 2 | Affected Software: 2

CVE
added 2019/07/03 6:26 p.m. | 94 views

CVE-2019-6639

CVE-2019-6639 affects BIG-IP AFM/PEM TMUI Subscriber Management pages. A stored XSS in undisclosed TMUI pages is exploitable by an authenticated Resource Administrator, potentially allowing execution of system commands with Administrator privileges (bash disabled in Appliance mode, but command ex...

CVSS 4.8 | AI score 4.8 | EPSS 0.00677
Exploits: 0 | References: 2 | Affected Software: 1