CVE-2024-32761 BIG-IP TMM tenants on VELOS and rSeries vulnerability

Under certain conditions, a data leak may occur in the Traffic Management Microkernels TMMs of BIG-IP tenants running on VELOS and rSeries platforms. This leak occurs randomly and cannot be deliberately triggered. If it occurs, it may leak up to 64 bytes of non-contiguous randomized bytes. Under...

K000139217: BIG-IP TMM tenants on VELOS and rSeries vulnerability CVE-2024-32761

Security Advisory Description Under certain conditions, a data leak may occur in the Traffic Management Microkernels TMMs of BIG-IP tenants running on VELOS and rSeries platforms. This leak occurs randomly and cannot be deliberately triggered. If it occurs, it may leak up to 64 bytes of...

K000139012: BIG-IP Next Central Manager vulnerability CVE-2024-33612

Security Advisory Description An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system. A successful exploit of this vulnerability can allow the attacker to cross a security boundary. CVE-2024-33612...

PT-2024-24833

Name of the Vulnerable Software and Affected Versions BIG-IP versions affected versions not specified Description A potential data leak may occur in the Traffic Management Microkernels TMMs of BIG-IP tenants running on VELOS and rSeries platforms under certain conditions. However, this issue cann...

F5 BIG-IP TMM 安全漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A data disclosure vulnerability exists in the BIG-IP TMM tenant on F5 VELOS and rSeries that originates in the Traffic...

The vulnerability of the LDAP protocol implementation in F5OS-A operating systems, hardware devices of the F5 rSeries, and F5OS-C application delivery controllers of F5 VELOS allows a hacker to circumvent security restrictions.

The vulnerability of the LDAP protocol implementation in F5OS-A operating systems, F5 rSeries hardware devices, and F5OS-C application delivery controllers for F5 VELOS operating systems is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow attacker...

K000137201: Intel BIOS vulnerability CVE-2022-37343

Security Advisory Description Improper access control in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-37343 Impact This vulnerability may allow a privileged user to potentially enable escalation o...

K000135795: Downfall Attacks CVE-2022-40982

Security Advisory Description Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-40982 Impact Successfu...

K83713003: RetBleed CPU vulnerability CVE-2022-29901

Security Advisory Description There are two RetBleed vulnerabilities. This article applies to CVE-2022-29901. For information about CVE-2022-29900 refer to the following article: K57185580: RetBleed CPU vulnerability CVE-2022-29900 Intel microprocessor generations 6 to 8 are affected by a new...

K43541501: Intel CPU vulnerabilities CVE-2022-21131 and CVE-2022-21136

Security Advisory Description CVE-2022-21131 Improper access control for some IntelR XeonR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-21136 Improper input validation for some IntelR XeonR Processors may allow a privileged use...

K40778012: Intel CPU vulnerability CVE-2021-0127

Security Advisory Description Insufficient control flow management in some IntelR Processors may allow an authenticated user to potentially enable a denial of service via local access. CVE-2021-0127 Impact An authenticated attacker may exploit the Intel processor firmware to cause a denial of...

K37708118: BIG-IP DNS profile vulnerability CVE-2023-22839

Security Advisory Description When a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel TMM to terminate. CVE-2023-22839 Impact Traffic is disrupted while the T...

Intel CPU vulnerability CVE-2021-0091

Improper access control in the firmware for some IntelR Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access. CVE-2021-0091 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The...

Intel CPU vulnerability CVE-2021-0093

Incorrect default permissions in the firmware for some IntelR Processors may allow a privileged user to potentially enable a denial of service via local access. CVE-2021-0093 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The following...

Intel CPU vulnerability CVE-2021-0119

Improper initialization in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via physical access. CVE-2021-0119 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The followin...

Intel CPU vulnerability CVE-2021-0092

Improper access control in the firmware for some IntelR Processors may allow a privileged user to potentially enable a denial of service via local access. CVE-2021-0092 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The following...

Intel CPU vulnerability CVE-2021-0125

Improper initialization in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via physical access. CVE-2021-0125 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The followin...

Intel CPU vulnerabilities CVE-2021-0107 and CVE-2021-0111

CVE-2021-0107 Unchecked return value in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-0111 NULL pointer dereference in the firmware for some IntelR Processors may allow a privileged user to potentially...

Intel CPU vulnerability CVE-2021-0156

Improper input validation in the firmware for some IntelR Processors may allow an authenticated user to potentially enable an escalation of privilege via local access. CVE-2021-0156 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The...

Intel CPU vulnerability CVE-2021-0099

Insufficient control flow management in the firmware for some IntelR Processors may allow an authenticated user to potentially enable an escalation of privilege via local access. CVE-2021-0099 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to...