CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for origuri parameter in an undisclosed /vdesk link of APM virtual server configured with an access profile, allowing a malicious user to build a redirect URI value using different blocks of cipher texts...

6.1CVSS5.8AI score0.01445EPSS

Exploits1References3

CVE•added 2018/09/13 2:0 p.m.•69 views

CVE-2018-5548

CVE-2018-5548 affects BIG-IP APM. The connected F5 advisory confirms an insecure AES ECB mode is used for the orig_uri parameter in an undisclosed /vdesk link of an APM virtual server with an access profile. This enables an attacker with a valid APM session to forge a redirect URL by manipulating...

6.1CVSS6.2AI score0.01445EPSS

Exploits1References3Affected Software1

securityvulns•added 2012/10/29 12:0 a.m.•29 views

Beaker information leakage

Information leakage in AES ECB mode...

4.3CVSS2.1AI score0.02447EPSS

Exploits0References1Affected Software1

PyPA•added 2012/09/15 5:55 p.m.•7 views

PYSEC-2012-1

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS7AI score0.02447EPSS

Exploits0References7Affected Software1

Cvelist•added 2012/09/15 5:0 p.m.•26 views

CVE-2012-3458

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

6.2AI score0.02447EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by