
606 matches found

Cvelist
added 2019/07/03 6:26 p.m. · 29 views

CVE-2019-6639

On BIG-IP AFM, PEM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting (XSS) issue. This is a control plane issue only and is not...

AI score 4.9 · EPSS 0.00677
Exploits 0 · References 2
Prion
added 2019/07/03 6:15 p.m. · 20 views

Code injection

On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to...

CVSS 4.3 · AI score 7.5 · EPSS 0.01309
Exploits 0 · References 2 · Affected Software 13
Positive Technologies
added 2019/07/03 12:0 a.m. · 5 views

PT-2019-18221 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP AFM, PEM versions 11.5.1 through 11.5.8 BIG-IP AFM, PEM versions 11.6.1 through 11.6.3.4 BIG-IP AFM, PEM versions 12.1.0 through 12.1.4 BIG-IP AFM, PEM versions 13.0.0 through 13.1.1.4 BIG-IP AFM, PEM versions 14.0.0 through 14.0.0.4...

CVSS 4.8 · AI score 4.8 · EPSS 0.00677
Exploits 0 · References 6
Tenable Nessus
added 2019/07/02 12:0 a.m. · 23 views

F5 Networks BIG-IP : BIG-IP AFM and PEM TMUI XSS vulnerability (K61002104)

Undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting (XSS) issue. This is a control plane issue only and is not accessible from the data plane. The attack requires a malicious resource administrator to store the XSS. (CVE-2019-6639) Impact: A...

CVSS 4.8 · AI score 6.2 · EPSS 0.00677
Exploits 0 · References 2
Tenable Nessus
added 2019/04/11 12:0 a.m. · 25 views

F5 Networks BIG-IP : BIG-IP URL classification vulnerability (K42465020)

The BIG-IP system is vulnerable to a denial-of-service (DoS) attack when performing URL classification. (CVE-2019-6610) Impact: A remote attacker may be able to disrupt services by causing the Traffic Management Microkernel (TMM) to restart. There is no exposure in the control plane. C Tenable Network...

CVSS 9 · AI score 7.9 · EPSS 0.01058
Exploits 0 · References 2
OSV
added 2019/04/10 8:29 p.m. · 6 views

CVE-2019-0041

On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface lo0. The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series. This...

CVSS 8.6 · AI score 5.8 · EPSS 0.00871
Exploits 0 · References 1
NVD
added 2019/04/10 8:29 p.m. · 22 views

CVE-2019-0041

On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface lo0. The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series. This...

CVSS 8.6 · AI score 7.1 · EPSS 0.00871
Exploits 0 · References 1
Prion
added 2019/04/10 8:29 p.m. · 14 views

Design/Logic Flaw

On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface lo0. The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series. This...

CVSS 5 · AI score 8.5 · EPSS 0.00871
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2019/04/10 8:13 p.m. · 21 views

CVE-2019-0041 Junos OS: EX4300-MP Series: IP transit traffic can reach the control plane via loopback interface.

On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface lo0. The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series. This...

CVSS 6.5 · AI score 8.6 · EPSS 0.00871
Exploits 0 · References 1
CVE
added 2019/04/10 8:13 p.m. · 56 views

CVE-2019-0041

CVE-2019-0041 affects Juniper Networks Junos OS on the EX4300-MP Series. With any lo0 filters applied, transit network traffic could reach the control plane via the loopback interface (lo0) and the device may fail to forward such traffic. Affected software: Junos OS 18.2 prior to 18.2R1-S2 and 18...

CVSS 8.6 · AI score 7.5 · EPSS 0.00871
Exploits 0 · References 1 · Affected Software 1
Prion
added 2019/01/29 4:29 p.m. · 14 views

Input validation

IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled input data for syntax that has control-plane implications which could allow an attacker to modify displayed content. IBM X-Force ID: 147811...

CVSS 5 · AI score 5.1 · EPSS 0.01654
Exploits 0 · References 3 · Affected Software 1
OSV
added 2019/01/29 4:29 p.m. · 2 views

CVE-2018-1733

IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled input data for syntax that has control-plane implications which could allow an attacker to modify displayed content. IBM X-Force ID: 147811...

CVSS 5.3 · AI score 5.8 · EPSS 0.01654
Exploits 0 · References 3
Cvelist
added 2019/01/29 4:0 p.m. · 14 views

CVE-2018-1733

IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled input data for syntax that has control-plane implications which could allow an attacker to modify displayed content. IBM X-Force ID: 147811...

CVSS 5.3 · AI score 5.1 · EPSS 0.01654
Exploits 0 · References 3
Tenable Nessus
added 2018/11/02 12:0 a.m. · 288 views

F5 Networks BIG-IP : Side-channel processor vulnerabilities (K91229003)

The following three side-channel attacks were publicly disclosed on January 3, 2018 : CVE-2017-5715 Spectre-BTB previously known as Spectre Variant 2 Branch target injection Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosu...

CVSS 5.6 · AI score 7.7 · EPSS 0.93838
Exploits 12 · References 4
Tenable Nessus
added 2018/11/02 12:0 a.m. · 28 views

F5 Networks BIG-IP : TMM with HTTP/2 vulnerability (K45320419)

Maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue. CVE-2018-5514 Impact The BIG-IP system may temporarily fail to process traffic as it...

CVSS 7.5 · AI score 7.3 · EPSS 0.04016
Exploits 0 · References 2
Tenable Nessus
added 2018/11/02 12:0 a.m. · 22 views

F5 Networks BIG-IP : BIG-IP SOCKS proxy vulnerability (K55225440)

Responses to SOCKS proxy requests made through the BIG-IP system may cause a disruption of service provided by the Traffic Management Microkernel (TMM). The data plane is impacted and exposed only when a SOCKS proxy profile is attached to a virtual server. The control plane is not impacted by this...

CVSS 7.5 · AI score 7.3 · EPSS 0.01321
Exploits 0 · References 2
Arista
added 2018/08/06 12:0 a.m. · 101 views

Security Advisory 0036

Security Advisory 0036. Date: August 6th, 2018. Version: 1.0. Revision 1.0 (August 6, 2018): Initial Release. Vulnerability assessment of CVE-2018-5390 for Arista Products. CVSS v2: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C. On August 6th, 2018, information was released...

CVSS 7.8 · AI score 6.6 · EPSS 0.7354
Exploits 0 · Affected Software 1
Akamai Blog
added 2018/06/12 1:0 p.m. · 57 views

Remote access in a software defined world

When I first ventured into technology, I wish someone gave me a heads-up about the bevy of acronyms to remember. It feels like every day a new acronym related to technology is formed. It's hard enough remembering names within my family. During Thanksgiving with a full house, I struggle to remembe...

AI score 7.3
Exploits 0
OSV
added 2018/06/01 2:29 p.m. · 2 views

CVE-2018-5513

On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impact...

CVSS 7.5 · AI score 5.8
Exploits 0 · References 2
OSV
added 2018/05/02 1:29 p.m. · 4 views

CVE-2018-5517

On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs...

CVSS 7.5 · AI score 5.8
Exploits 0 · References 2