15 matches found
EUVD-2023-28609
Malicious code in bioql PyPI...
JVN#29238389: IPCOM vulnerable to information disclosure
SSL Accelerator/SSL-VPN Function of IPCOM provided by Fsas Technologies Inc. contains an information disclosure vulnerability due to observable timing discrepancy CWE-208. Impact Some of the encrypted communication may be decrypted by an attacker who can obtain the contents of the communication...
F5 Networks BIG-IP : BIG-IP TMM SSL vulnerability (K000133132)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5 / 16.1.2.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K000133132 advisory. - When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU ...
CVE-2023-24594
When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2023-24594
When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
Code injection
When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2023-24594
CVE-2023-24594 affects F5 BIG-IP: when an SSL profile is configured on a Virtual Server, undisclosed traffic can cause increased CPU/SSL accelerator resource utilization (data-plane DoS). Affected BIG-IP branches include 17.x (fix: 17.0.0), 16.x (fix: 16.1.2.1), 15.x (fix: 15.1.5), 14.x (fix: 14....
CVE-2023-24594 BIG-IP TMM SSL vulnerability
When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
PT-2023-19697 · F5 · Big-Ip
Name of the Vulnerable Software and Affected Versions: BIG-IP versions prior to 17.0.0 Description: When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Recommendations: For versions prior to 17.0.0, updat...
CVE-2014-4024
SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer SSL accelerator cards, might allow remote attackers to have...
Cisco Wide Area Application Services Denial of Service Vulnerability
Cisco Wide Area Application Services WAAS is the United States Cisco Cisco company's set of WAN link acceleration software. The software is mainly used for small bandwidth and high latency link environment. A denial-of-service vulnerability exists in the SMART-SSL Accelerator feature in Cisco WAA...
Design/Logic Flaw
A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. T...
Cisco Wide Area Application Services SMART-SSL Accelerator Denial of Service Vulnerability
A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. The vulnerability is due to...
F5 Networks BIG-IP : SSL acceleration card timing vulnerability (K15500)
SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer SSL accelerator cards, might allow remote attackers to have...
The Hacker's Choice releases SSL DOS Tool
The Hacker's Choice releases SSL DOS Tool German hacker group "The Hacker's Choice" officially released a new DDoS tool. The tool exploits a weakness in SSL to kick a server off the Internet. Establishing a secure SSL connection requires 15x more processingpower on the server than on the...