Lucene search
K

32 matches found

Cvelist
Cvelist
added 2019/05/03 7:28 p.m.32 views

CVE-2019-6618

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd. This allows modifications to user objects and i...

5.2AI score0.00894EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/01 12:0 a.m.30 views

F5 Networks BIG-IP : BIG-IP Resource Administrator vulnerability (K07702240)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.5.9 / 11.6.4 / 12.1.4.1 / 13.1.1.5 / 14.1.0.2 / 15.0.0. It is, therefore, affected by a vulnerability as referenced in the K07702240 advisory. - On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4...

4.9CVSS5.4AI score0.00894EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/01 12:0 a.m.22 views

F5 Networks BIG-IP : Appliance mode tmsh vulnerability (K87659521)

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems. CVE-2019-6615 Impact Attackers can gain access to an Advanced Shell bash...

4.9CVSS6AI score0.01113EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/25 12:0 a.m.21 views

F5 Networks BIG-IP : BIG-IP ASM XSS vulnerability (K14812883)

This is a stored cross-site scripting XSS vulnerability in an ASM violation viewed in the Configuration utility. In the worst case, an attacker can store a CSRF, which results in code execution as the admin user. CVE-2019-6607 The user levels that can store this attack are ASM Administrator,...

6.8CVSS7AI score0.00742EPSS
Exploits0References2
Prion
Prion
added 2018/05/02 1:29 p.m.20 views

Code injection

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access for example, any user when licensed for Appliance Mode, this allo...

5.5CVSS5.3AI score0.01039EPSS
Exploits0References2Affected Software13
exploitpack
exploitpack
added 2017/05/28 12:0 a.m.37 views

CERIO DT-100G-NDT-300NCW-300N - Multiple Vulnerabilities

CERIO DT-100G-NDT-300NCW-300N - Multiple Vulnerabilities CERIO 11nbg 2.4Ghz High Power Wireless Router pekcmd Rootshell Backdoors Vendor: CERIO Corporation Product web page: http://www.cerio.com.tw Affected version: DT-100G-N fw: Cen-WR-G2H5 v1.0.6 DT-300N fw: Cen-CPE-N2H10A v1.0.14 DT-300N fw:...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/05/16 12:0 a.m.41 views

F5 Networks BIG-IP : GnuPG vulnerability (K21284031)

The douncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. CVE-2014-4617 Impact ARX This vulnerability...

5CVSS6.6AI score0.03305EPSS
Exploits0References2
OSV
OSV
added 2017/03/27 3:59 p.m.5 views

CVE-2016-7474

In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information...

5.5CVSS5.8AI score0.00361EPSS
Exploits0References3
CVE
CVE
added 2017/03/27 3:0 p.m.72 views

CVE-2016-7474

The CVE-2016-7474 issue affects F5 BIG-IP MCPD: the MCPD binary cache can allow a local user with Advanced Shell access to leak previously unrecoverable data (e.g., passwords for recently created local accounts and passphrases since last reboot). The F5 advisory lists affected BIG-IP products and...

5.5CVSS5.7AI score0.00361EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/01/15 12:0 a.m.4 views

Multiple F5 BIG-IP Products Privilege Acquisition Vulnerabilities

F5 BIG-IP is an equipment product manufactured by F5 Network for application delivery services, mainly used for load balancing, service acceleration optimization and other purposes. A security vulnerability exists in the dcoep of multiple F5 BIG-IP products, which can be exploited by a local...

7.4CVSS7AI score0.0034EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/10/28 12:0 a.m.32 views

F5 Networks BIG-IP : Datastor kernel vulnerability (K17407)

The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1....

9CVSS5.7AI score0.03892EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/18 12:0 a.m.31 views

F5 BIG-IP - Linux kernel vulnerability CVE-2015-3636

The remote host is missing a security patch. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...

4.9CVSS7AI score0.02472EPSS
Exploits6References1
Rows per page
Query Builder