Lucene search
K

131 matches found

CVE
CVE
added 2025/05/07 10:4 p.m.59 views

CVE-2025-43878

In F5OS-A/C, the CVE-2025-43878 issue affects Appliance mode: an authenticated user with Administrator/Resource Administrator rights can bypass Appliance mode restrictions using the system diagnostics tcpdump command. Vulnerable mappings show F5OS-A versions 1.5.1–1.5.3 and F5OS-C versions 1.6.0–...

8.3CVSS6.3AI score0.00145EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2025/05/07 10:4 p.m.10 views

CVE-2025-43878 F5OS-A/C CLI vulnerability

When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdump command utility on a F5OS-C/A system. Note: Software versions which have reached End of...

8.3CVSS6.3AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 10:4 p.m.18 views

CVE-2025-43878 F5OS-A/C CLI vulnerability

When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdump command utility on a F5OS-C/A system. Note: Software versions which have reached End of...

8.3CVSS0.00145EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 10:4 p.m.87 views

CVE-2025-36546

CVE-2025-36546 affects F5OS (Aplpliance mode) where SSH key-based login remains allowed for the root user even after Appliance Mode is enabled, enabling potential unauthorized access if an attacker possesses the root SSH private key. The F5 advisories/Red Hat/NCSC entries describe the issue as a ...

9.2CVSS8.2AI score0.00372EPSS
Exploits0References1Affected Software2
F5 Networks
F5 Networks
added 2025/05/07 1:12 p.m.11 views

K000140574: F5OS Appliance Mode vulnerability CVE-2025-36546

Security Advisory Description On an F5OS system, if the root user configures the system to allow login using SSH key-based authentication and later enables appliance mode, the system still allows access using SSH key-based authentication. For an attacker to exploit this vulnerability they must...

9.2CVSS7.1AI score0.00372EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2025/05/07 12:48 p.m.12 views

K000139503: F5OS vulnerability CVE-2025-46265

Security Advisory Description On F5OS, an improper authorization vulnerability exists where remotely authenticated users LDAP, RADIUS, TACACS+ may be authorized with higher privilege F5OS roles. CVE-2025-46265 Impact This vulnerability may allow a remote, authenticated attacker to be unexpectedly...

8.8CVSS7.3AI score0.00318EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2025/05/07 12:33 p.m.12 views

K000139502: F5OS vulnerability CVE-2025-43878

Security Advisory Description When running in appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdump command utility on a F5OS-A/C system. CVE-2025-43878 Impact In...

8.3CVSS7AI score0.00145EPSS
Exploits0Affected Software2
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.4 views

PT-2025-20304 · F5 · F5Os

Name of the Vulnerable Software and Affected Versions: F5OS affected versions not specified Description: The issue allows access via SSH key-based authentication even after Appliance Mode is enabled, if the root user had previously configured the system to allow such login. An attacker would need...

9.2CVSS8AI score0.00372EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.5 views

PT-2025-20311 · F5 · F5Os

Name of the Vulnerable Software and Affected Versions: F5OS affected versions not specified Description: An improper authorization issue exists where remotely authenticated users, such as those using LDAP, RADIUS, or TACACS+, may be granted higher privilege F5OS roles than intended...

8.8CVSS8.6AI score0.00318EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.4 views

F5 F5OS 安全漏洞

F5 F5OS is a proprietary operating system that runs on F5 Corporation's F5 appliances to support its application delivery control and security features. A security vulnerability exists in F5 F5OS that stems from SSH key authentication bypass...

9.2CVSS8.2AI score0.00372EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.5 views

PT-2025-20310 · F5 · F5Os-C/A

Name of the Vulnerable Software and Affected Versions: F5OS-C/A affected versions not specified Description: The issue allows an authenticated attacker with the Administrator or Resource Administrator role to bypass Appliance mode restrictions on a F5OS-C/A system when running in Appliance mode...

8.3CVSS6.5AI score0.00145EPSS
Exploits0References6
F5 Networks
F5 Networks
added 2024/03/21 12:20 a.m.40 views

K000138966: Intel Xeon CPU vulnerability CVE-2023-23908

Security Advisory Description Improper access control in some 3rd Generation IntelR XeonR Scalable processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2023-23908 Impact This vulnerability may allow a privileged user to enable information...

6CVSS5.8AI score0.00308EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/02/14 5:15 p.m.24 views

CVE-2024-24966

When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.2CVSS6.5AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2024/02/14 5:15 p.m.3 views

CVE-2024-24966

When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5.5CVSS5.8AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2024/02/14 5:15 p.m.5 views

CVE-2024-23607

A directory traversal vulnerability exists in the F5OS QKView utility that allows an authenticated attacker to read files outside the QKView directory. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5.5CVSS5.8AI score0.00499EPSS
Exploits0References1
NVD
NVD
added 2024/02/14 5:15 p.m.19 views

CVE-2024-23607

A directory traversal vulnerability exists in the F5OS QKView utility that allows an authenticated attacker to read files outside the QKView directory. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5.5CVSS5.3AI score0.00499EPSS
Exploits0References1
Prion
Prion
added 2024/02/14 5:15 p.m.17 views

Directory traversal

A directory traversal vulnerability exists in the F5OS QKView utility that allows an authenticated attacker to read files outside the QKView directory. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

1.7CVSS6.7AI score0.00499EPSS
Exploits0References1
Prion
Prion
added 2024/02/14 5:15 p.m.17 views

Authentication flaw

When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

2.1CVSS7.5AI score0.00203EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/14 4:30 p.m.30 views

CVE-2024-24966 F5OS vulnerability

When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.2CVSS7.2AI score0.00203EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/14 4:30 p.m.26 views

CVE-2024-24966 F5OS vulnerability

When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.2CVSS6.7AI score0.00203EPSS
Exploits0References1
Rows per page
Query Builder