Lucene search
K

73 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.89 views

K28405643: BIG-IP Message Routing MQTT vulnerability CVE-2022-35240

Security Advisory Description When the Message Routing MR Message Queuing Telemetry Transport MQTT profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-35240 Impact System performance can degrade until the TMM process is...

7.5CVSS7.3AI score0.00668EPSS
Exploits0Affected Software13
OSV
OSV
added 2023/02/01 6:15 p.m.3 views

CVE-2023-22842

On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software...

7.5CVSS7.1AI score0.00626EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 6:15 p.m.4 views

CVE-2023-22340

On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technic...

7.5CVSS7.1AI score0.00626EPSS
Exploits0References1
NVD
NVD
added 2023/02/01 6:15 p.m.19 views

CVE-2023-22340

On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technic...

7.5CVSS7.5AI score0.00626EPSS
Exploits0References1
CVE
CVE
added 2023/02/01 5:54 p.m.73 views

CVE-2023-22340

CVE-2023-22340 affects F5 BIG-IP SIP profile when configured on a Message Routing type virtual server. The root cause is a traffic-triggered condition that can cause the TMM process to terminate, resulting in DoS. Affected versions include BIG-IP 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1...

7.5CVSS7.6AI score0.00626EPSS
Exploits0References1Affected Software12
CNNVD
CNNVD
added 2023/02/01 12:0 a.m.5 views

F5 BIG-IP 缓冲区错误漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP SIP profile, where undisclosed traffic could cause TMM to terminate...

7.5CVSS6.6AI score0.00626EPSS
Exploits0References3
CNVD
CNVD
added 2023/02/01 12:0 a.m.27 views

F5 BIG-IP SIP profile denial of service vulnerability (CNVD-2023-05958)

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP SIP profile, where undisclosed traffic could cause TMM to terminate...

7.5CVSS2.9AI score0.00626EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/01 12:0 a.m.2 views

PT-2023-1430 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 13.1.x BIG-IP versions 14.1.x through 14.1.5.2 BIG-IP versions 15.1.x through 15.1.7 BIG-IP versions 16.1.x through 16.1.3.2 Description: The issue is related to errors in data processing in BIG-IP Access Policy Manager and...

7.5CVSS7.3AI score0.00626EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/02/01 12:0 a.m.5 views

F5 BIG-IP 代码问题漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP SIP profile, where undisclosed traffic could cause TMM to terminate...

7.5CVSS6.6AI score0.00626EPSS
Exploits0References2
OSV
OSV
added 2022/08/04 6:15 p.m.5 views

CVE-2022-35240

In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when the Message Routing MR Message Queuing Telemetry Transport MQTT profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software...

7.5CVSS5.8AI score0.00668EPSS
Exploits0References1
OSV
OSV
added 2022/08/04 6:15 p.m.3 views

CVE-2022-35272

In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve-strict is configured on an HTTP Message Routing Framework MRF virtual server, undisclosed traffic may cause the Traffic Management Microkernel TMM to produce a core file and the connection to terminate...

5.5CVSS5.8AI score0.00415EPSS
Exploits0References1
Prion
Prion
added 2022/08/04 6:15 p.m.24 views

Design/Logic Flaw

In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when the Message Routing MR Message Queuing Telemetry Transport MQTT profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software...

5CVSS7.5AI score0.00668EPSS
Exploits0References1Affected Software11
Prion
Prion
added 2022/08/04 6:15 p.m.24 views

Design/Logic Flaw

In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve-strict is configured on an HTTP Message Routing Framework MRF virtual server, undisclosed traffic may cause the Traffic Management Microkernel TMM to produce a core file and the connection to terminate...

1.7CVSS5.5AI score0.00415EPSS
Exploits0References1Affected Software11
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:0 p.m.2 views

CVE-2022-35272

In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve-strict is configured on an HTTP Message Routing Framework MRF virtual server, undisclosed traffic may cause the Traffic Management Microkernel TMM to produce a core file and the connection to terminate...

7.5CVSS5.8AI score0.00415EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/08/03 12:0 a.m.18 views

F5 BIG-IP Message Routing MQTT Denial of Service Vulnerability

F5 BIG-IP APM Edge Client for Windows is a client access control authentication access client application from F5. A denial of service vulnerability exists in F5 BIG-IP Message Routing MQTT, which stems from an undisclosed Message Routing MR Message Queue Telemetry Transport MQTT profile when...

7.5CVSS3AI score0.00668EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/08/03 12:0 a.m.3 views

F5 BIG-IP 安全漏洞

F5 BIG-IP APM Edge Client for Windows is a client access control authentication access client application from F5. A denial of service vulnerability exists in F5 BIG-IP Message Routing MQTT, which stems from an undisclosed Message Routing MR Message Queue Telemetry Transport MQTT profile when...

7.5CVSS5.7AI score0.00668EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/03 12:0 a.m.14 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP HTTP MRF, which stems from the configuration of source-port preserv...

7.5CVSS5.8AI score0.00415EPSS
Exploits0References3
OSV
OSV
added 2022/05/05 5:15 p.m.3 views

CVE-2022-26370

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, and 14.1.x versions prior to 14.1.4.6, when a Session Initiation Protocol SIP message routing framework MRF application layer gateway ALG profile is configured on a Message Routing virtual server, undisclosed request...

7.5CVSS5.8AI score0.00764EPSS
Exploits0References1
Prion
Prion
added 2022/05/05 5:15 p.m.17 views

Design/Logic Flaw

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, and 14.1.x versions prior to 14.1.4.6, when a Session Initiation Protocol SIP message routing framework MRF application layer gateway ALG profile is configured on a Message Routing virtual server, undisclosed request...

5CVSS7.5AI score0.00764EPSS
Exploits0References1Affected Software11
ATTACKERKB
ATTACKERKB
added 2022/05/04 2:0 p.m.4 views

CVE-2022-26370

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, and 14.1.x versions prior to 14.1.4.6, when a Session Initiation Protocol SIP message routing framework MRF application layer gateway ALG profile is configured on a Message Routing virtual server, undisclosed request...

7.5CVSS5.9AI score0.00764EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder