Lucene search
K

118 matches found

Prion
Prion
added 2017/12/21 5:29 p.m.20 views

Code injection

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners primary and/or secondary IP may...

5CVSS7.6AI score0.02537EPSS
Exploits0References3Affected Software11
CVE
CVE
added 2017/12/21 5:0 p.m.61 views

CVE-2017-6135

CVE-2017-6135 affects F5 BIG-IP software (LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) version 13.0.0. The issue is a slow memory leak caused by undisclosed IPv4/IPv6 packets sent to the BIG-IP management port or self IP addresses, which can lead to out-of-memory (...

7.8CVSS7.5AI score0.01637EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/12/21 5:0 p.m.27 views

CVE-2017-6138

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of...

7.4AI score0.01585EPSS
Exploits0References2
CVE
CVE
added 2017/12/21 5:0 p.m.66 views

CVE-2017-6151

CVE-2017-6151 affects F5 BIG-IP software (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) version 13.0.0 where virtual servers using the HTTP/2 profile may cause disruption of TMM. Root cause: undisclosed requests to HTTP/2-enabled virtua...

7.8CVSS7.4AI score0.01637EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.56 views

CVE-2017-6134

The vulnerability CVE-2017-6134 affects F5 BIG-IP BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe across 11.x, 12.x, and 13.x branches. An undisclosed sequence of packets from an adjacent network can cause the Traffic Management Microkernel (TMM) to crash, po...

6.5CVSS6.4AI score0.00866EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.72 views

CVE-2017-6167

CVE-2017-6167 is a race-condition vulnerability in F5 BIG-IP iControl REST that can cause commands to execute with elevated privileges. Affected BIG-IP versions include 13.x (13.0.0), 12.x (12.1.0–12.1.2), 14.x (14.1.x), 15.x (15.0–15.1.1/2), and 16.x (16.0.0–16.0.1). Red Hat and F5 advisories co...

8.5CVSS7.5AI score0.01062EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.69 views

CVE-2017-6138

CVE-2017-6138 affects F5 BIG-IP software (LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) versions 13.0.0 and 12.1.0–12.1.2. Malicious requests to virtual servers with an HTTP profile can cause TMM restart; APM profiles are affected regardless of settings, and non-def...

7.5CVSS7.3AI score0.01585EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.69 views

CVE-2017-6133

In F5 BIG-IP, the CVE-2017-6133 vulnerability affects BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe with versions 13.0.0 and 12.1.0–12.1.2. The issue arises from an undisclosed HTTP request handling flaw in the Traffic Management Microkernel (TMM), leading to de...

7.8CVSS7.4AI score0.0236EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.62 views

CVE-2017-6132

CVE-2017-6132 affects F5 BIG-IP LTM and multiple modules (AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) across versions 11.5.0–11.5.4, 11.6.0–11.6.1, 12.0.0–12.1.2, and 13.0.0. The issue stems from an undisclosed sequence of packets sent to HA mirror listeners that may c...

7.5CVSS7.6AI score0.02537EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/12/21 12:0 a.m.28 views

F5 Networks BIG-IP : NTP vulnerability (K31310492)

Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response. CVE-2017-6460 C Tenable Network Security, Inc. The descriptive text and package chec...

8.8CVSS8.2AI score0.02682EPSS
Exploits0References2
Prion
Prion
added 2017/11/22 4:29 p.m.22 views

Code injection

In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel TMM may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4...

4.3CVSS5.7AI score0.01928EPSS
Exploits0References3Affected Software11
Prion
Prion
added 2017/10/27 2:29 p.m.23 views

Design/Logic Flaw

In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel TMM to restart and temporarily fail to process traffic. This issue is exposed on virtual servers...

4.3CVSS5.7AI score0.03645EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2017/10/27 2:29 p.m.23 views

CVE-2017-6160

In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel TMM to restart and temporarily fail to process traffic. This issue is exposed on virtual servers...

5.9CVSS5.7AI score0.03645EPSS
Exploits0References3
Prion
Prion
added 2017/10/27 2:29 p.m.17 views

Code injection

F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server. Data plane is vulnerable when using the MPTCP option of a TC...

4.3CVSS5.6AI score0.01589EPSS
Exploits0References3Affected Software8
Prion
Prion
added 2017/10/27 2:29 p.m.21 views

Code injection

In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams...

4.3CVSS5.8AI score0.01674EPSS
Exploits0References3Affected Software8
Cvelist
Cvelist
added 2017/10/27 2:0 p.m.27 views

CVE-2017-6157

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an...

8.7AI score0.04013EPSS
Exploits0References3
CVE
CVE
added 2017/10/27 2:0 p.m.78 views

CVE-2017-0303

Summary : CVE-2017-0303 affects multiple BIG-IP products (e.g., BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) with affected versions including 13.0.0 and 12.0.0–12.1.2, 11.5.1–11.6.1. The issue arises when connections handled by a Virtual Server with an assoc...

7.5CVSS7.4AI score0.02664EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/10/27 2:0 p.m.60 views

CVE-2017-6163

CVE-2017-6163 affects BIG-IP LTM and multiple modules (AAM, AFM, APM, ASM, Link Controller, PEM, PSM). When a virtual server uses HTTP/2 or SPDY with a Client SSL profile, and a client opens concurrent streams beyond the advertised limit, the TMM data plane can be disrupted, while the control pla...

5.9CVSS5.7AI score0.01674EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/10/27 2:0 p.m.58 views

CVE-2017-6160

CVE-2017-6160 affects F5 BIG-IP TMM: remote attacker can craft HTTP requests to force Traffic Management Microkernel (TMM) to restart, causing temporary traffic disruption. According to the advisory, vulnerable configurations include BIG-IP AAM (versions 12.0.0–12.1.1, 11.6.0–11.6.1, 11.4.1–11.5....

5.9CVSS5.6AI score0.03645EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/10/27 2:0 p.m.21 views

CVE-2017-6160

In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel TMM to restart and temporarily fail to process traffic. This issue is exposed on virtual servers...

5.7AI score0.03645EPSS
Exploits0References3
Rows per page
Query Builder