F5 Networks BIG-IP : BIG-IP APM vulnerability (K51574311)

When a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel TMM stops responding and restarts.CVE-2020-27716 Impact Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, the...

F5 Networks BIG-IP : BIG-IP APM network access VPN vulnerability (K04518313)

In BIG-IP APM, on systems running more than one TMM instance, authenticated VPN users may consume excessive resources by sending specially crafted malicious traffic over the tunnel.CVE-2020-27724 Impact This vulnerabilitymay cause the Traffic Management Microkernel TMM to stop responding, leading...

F5 Networks BIG-IP : F5 TMM vulnerability (K05204103)

An early syncookie leaks forwarding flows if the virtual server has Clustered Multiprocessing CMPdisabled and the BIG-IP AFM module is provisioned.CVE-2020-5950 Impact The BIG-IP system resources may be excessively consumed and potentially leadto a failover event.Traffic processing is disrupted...

CVE-2020-5939

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition VE systems on VMware, with an Intel-based 85299 Network Interface Controller NIC card and Single Root I/O Virtualization SR-IOV enabled on vSphere, may fail and leave the...

F5 BIG-IP Denial of Service Vulnerability (CNVD-2020-63953)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A denial of service vulnerability exists in BIG-IP, which stems from the fact that under certain circumstances, client alerts ...

CVE-2020-5936

On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel TMM process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile...

Authentication flaw

On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel TMM process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile...

F5 Networks BIG-IP : BIG-IP MQTT iRule vulnerability (K62830532)

When your system handlesMQTT traffic through a BIG-IP virtual server associated with an MQTT profile, and an iRule performs manipulations on that traffic, TMM may produce a core file. CVE-2020-5935 Impact The Traffic Management Microkernel TMM may generate a core file and restart, causing a high...

F5 Networks BIG-IP : BIG-IP AFM vulnerability (K58290051)

The Traffic Management Microkernel TMM may produce a core file while processing layer 4 L4 behavioral denial-of-service DoS traffic. CVE-2020-5937 Impact The BIG-IP system may temporarily fail to process traffic as it recovers from a TMM restart, and devices configured as a high-availability HA...

F5 BIG-IP APM Message Handling Denial of Service Vulnerability

The F5 BIG-IP is an F5 load balancing device. A security vulnerability exists in the F5 BIG-IP APM processing session variable, which can be exploited by remote attackers to submit a special request that can cause the TMM to stop responding, resulting in a denial-of-service attack...

CVE-2020-5925

In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, undisclosed internally generated UDP traffic may cause the Traffic Management Microkernel TMM to restart under some circumstances...

Code injection

In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, undisclosed internally generated UDP traffic may cause the Traffic Management Microkernel TMM to restart under some circumstances...

CVE-2020-5919

In versions 15.1.0-15.1.0.4, rendering of certain session variables by BIG-IP APM UI-based agents in an access profile configured with Modern customization, may cause the Traffic Management Microkernel TMM to stop responding...

Code injection

In versions 15.1.0-15.1.0.4, rendering of certain session variables by BIG-IP APM UI-based agents in an access profile configured with Modern customization, may cause the Traffic Management Microkernel TMM to stop responding...

F5 BIG-IP APM Denial of Service Vulnerability (CNVD-2020-50121)

F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A security vulnerability exists in F5 BIG-IP APM versions 15.0.0 through 15.0.1.2, 14.1.0 through 14.1.2.3, and 14.0.0 through 14.0.1. A remot...

CVE-2020-5882

On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5, and 11.6.1-11.6.5.1, under certain conditions, the Intel QuickAssist Technology QAT cryptography driver may produce a Traffic Management Microkernel TMM core file...

CVE-2020-5876

On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address...

CVE-2020-5878

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel TMM may restart on BIG-IP Virtual Edition VE while processing unusual IP traffic...

CVE-2020-5875

On BIG-IP 15.0.0-15.0.1 and 14.1.0-14.1.2.3, under certain conditions, the Traffic Management Microkernel TMM may generate a core file and restart while processing SSL traffic with an HTTP/2 full proxy...

CVE-2020-5878

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel TMM may restart on BIG-IP Virtual Edition VE while processing unusual IP traffic...