Lucene search
K

168 matches found

Symantec
Symantec
added 2019/11/27 12:0 a.m.53 views

Multiple F5 BIG-IP Products CVE-2019-6671 Memory Leak Denial of Service Vulnerability

Description Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. Technologies Affected F5 BIG-IP AAM 13.1.0 F5 BIG-IP AAM 13.1.3 F5 BIG-IP AAM 14.0.0 F5 BIG-IP AAM 14.0.1 F5 BIG-IP AAM 14.1.0 F5 BIG-IP...

0.9AI score0.01044EPSS
Exploits0References1Affected Software13
CVE
CVE
added 2019/04/15 2:43 p.m.73 views

CVE-2019-6609

CVE-2019-6609 affects BIG-IP on iSeries (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) where the secureKeyCapable attribute is not set. This prevents Secure Vault from using F5 hardware support to protect the unit key, causing the unit key ...

9.8CVSS9.3AI score0.01458EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/06/29 12:0 a.m.4 views

F5 BIG-IP Denial of Service Vulnerability (CNVD-2018-17656)

The F5 BIG-IP Edge Gateway serves as an access solution that provides SSL VPN remote access, security, application acceleration and high availability for remote users. A denial of service vulnerability exists in F5 BIG-IP due to an excessive consumption of the target traffic management microkerne...

7.8CVSS7.4AI score0.02577EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/29 12:0 a.m.7 views

F5 BIG-IP Denial of Service Vulnerability (CNVD-2018-17654)

The F5 BIG-IP Edge Gateway serves as an access solution that provides SSL VPN remote access, security, application acceleration and high availability for remote users. A denial of service vulnerability exists in F5 BIG-IP versions 13.0.1 and 13.1.0.4 through 13.1.0.7 due to an unspecified flaw in...

5.3CVSS5.4AI score0.01213EPSS
Exploits0References1
CVE
CVE
added 2017/12/21 5:0 p.m.66 views

CVE-2017-6151

CVE-2017-6151 affects F5 BIG-IP software (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) version 13.0.0 where virtual servers using the HTTP/2 profile may cause disruption of TMM. Root cause: undisclosed requests to HTTP/2-enabled virtua...

7.8CVSS7.4AI score0.01637EPSS
Exploits0References2Affected Software1
F5 Networks
F5 Networks
added 2017/08/08 12:3 a.m.199 views

PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890

F5 Product Development has evaluated the currently supported releases for potential vulnerability. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the...

9.8CVSS1.2AI score0.07511EPSS
Exploits1
Prion
Prion
added 2017/06/09 3:29 p.m.22 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an...

3.5CVSS5.5AI score0.00947EPSS
Exploits0References4Affected Software16
Tenable Nessus
Tenable Nessus
added 2017/05/08 12:0 a.m.51 views

F5 Networks BIG-IP : TMM vulnerability (K82851041)

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disrupti...

5.9CVSS5.8AI score0.0109EPSS
Exploits0References2
CVE
CVE
added 2016/08/19 9:0 p.m.85 views

CVE-2015-8022

CVE-2015-8022 affects multiple F5 BIG-IP products (LTM, Analytics, APM, ASM, GTM, Link Controller; AAM, AFM, PEM; Edge Gateway, WebAccelerator, WOM, PSM) across 11.x releases. The root cause is in the Configuration utility: an Access Policy Manager customization configuration section that allows ...

8.5CVSS7.4AI score0.02674EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2016/06/19 12:0 a.m.6 views

F5 BIG-IP APM and BIG-IP Edge Gateway Open Redirect Vulnerabilities

F5 BIG-IP APM is a set of solutions that provide secure unified access to business-critical applications and networks; BIG-IP Edge Gateway is a remote access solution. F5 BIG-IP APM and BIG-IP Edge Gateway fail to validate the SSOORIGURI parameter, which allows attackers to construct malicious...

5.3CVSS8.5AI score0.01209EPSS
Exploits0References1
OSV
OSV
added 2016/06/16 6:59 p.m.4 views

CVE-2016-3687

Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x before 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on SSO, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in the...

5.3CVSS5.9AI score0.01209EPSS
Exploits0References2
Prion
Prion
added 2016/04/13 4:59 p.m.19 views

Default configuration

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5....

4CVSS7AI score0.00791EPSS
Exploits0References2Affected Software18
CVE
CVE
added 2016/04/13 4:0 p.m.75 views

CVE-2016-2084

CVE-2016-2084 affects F5 BIG-IP and BIG-IQ cloud deployments (AWS, Azure, Verizon) where certificates and keys are not regenerated during deployment, allowing potential disclosure of sensitive data or disruption. The root cause is improper regeneration of certificates/keys when deploying cloud im...

7.4CVSS7.3AI score0.00791EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/04/13 4:0 p.m.30 views

CVE-2016-3686

The Single Sign-On SSO feature in F5 BIG-IP APM 11.x before 11.6.0 HF6 and BIG-IP Edge Gateway 11.0.0 through 11.3.0 might allow remote attackers to obtain sensitive SessionId information by leveraging access to the Location HTTP header in a redirect...

5.5AI score0.01526EPSS
Exploits0References2
CVE
CVE
added 2016/04/13 4:0 p.m.56 views

CVE-2016-3686

The CVE-2016-3686 issue affects F5 BIG-IP APM SSO (and BIG-IP Edge Gateway) where Cleartext SessionID can appear in the Location header during redirects. Affected are BIG-IP APM 11.0.0–11.6.0 (HF6 in 11.6.0) and BIG-IP Edge Gateway 11.0.0–11.3.0; other components are listed as affected/not vulner...

5.9CVSS5.5AI score0.01526EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/04/12 2:0 p.m.64 views

CVE-2015-8021

The CVE-2015-8021 entry maps to an actual vulnerability in the BIG-IP Configuration utility where file uploads via uploadImage.php are not properly validated. Affected BIG-IP products (LTM, Analytics, APM, ASM, GTM, Link Controller, PSM, and related modules) running vulnerable 11.x releases are e...

4.3CVSS4.4AI score0.01352EPSS
Exploits0References3Affected Software13
CNVD
CNVD
added 2016/04/12 12:0 a.m.4 views

F5 BIG-IP APM and BIG-IP Edge Gateway Unauthorized Access Vulnerability

F5 BIG-IP APM Access Policy Manager and BIG-IP Edge Gateway are both products of F5 USA. BIG-IP APM is a solution that provides secure and unified access to business-critical applications and networks; BIG-IP Edge Gateway is a remote access solution. A security vulnerability exists in F5 BIG-IP A...

5.9CVSS7AI score0.01526EPSS
Exploits0References1
Prion
Prion
added 2016/01/12 8:59 p.m.26 views

Code injection

dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge...

6.9CVSS7.1AI score0.0034EPSS
Exploits0References3Affected Software19
Tenable Nessus
Tenable Nessus
added 2016/01/08 12:0 a.m.37 views

F5 Networks BIG-IP : Privilege escalation vulnerability (K75136237)

dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge...

7.4CVSS7.4AI score0.0034EPSS
Exploits0References2
CVE
CVE
added 2015/09/18 2:0 p.m.49 views

CVE-2015-4638

The CVE-2015-4638 issue affects F5 BIG-IP products using FastL4 virtual servers (across BIG-IP LTM/AAM/AFM/Analytics/APM/ASM/GTM/Link Controller/PEM, Edge Gateway, WebAccelerator, WOM, PSM). Root cause: processing of fragmented packets in the FastL4/TMM path can cause the Traffic Management Micro...

5CVSS6.6AI score0.01744EPSS
Exploits0References2Affected Software10
Rows per page
Query Builder