Lucene search
+L

324 matches found

CVE
CVE
added 2024/02/14 4:30 p.m.77 views

CVE-2024-21763

CVE-2024-21763 affects BIG-IP AFM (part of BIG-IP) where when DoS or a DoS profile is configured with NXDOMAIN attack vectors and bad-actor detection, undisclosed queries can trigger a crash of the Traffic Management Microkernel (TMM), causing a DoS condition. The primary published details indica...

7.5CVSS7.6AI score0.00515EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/14 4:30 p.m.9 views

CVE-2024-21771 F5 AFM Signature Matching Vulnerability

For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel TMM restarting and traffic disruption. Note: Software versions which have reached End of Technical Support EoTS are no...

7.5CVSS7.2AI score0.00515EPSS
Exploits0References1
CVE
CVE
added 2024/02/14 4:30 p.m.65 views

CVE-2024-21771

CVE-2024-21771 affects BIG-IP AFM where the IPS engine may spend excessive time matching traffic against signatures for unspecified traffic patterns, causing TMM to restart and traffic disruption. Public documents confirm impacted product is BIG-IP AFM with IPS/VPN features enabled under Protocol...

7.5CVSS7.7AI score0.00515EPSS
Exploits0References1Affected Software1
F5 Networks
F5 Networks
added 2024/02/14 1:58 p.m.43 views

K000137521: BIG-IP AFM vulnerability CVE-2024-21763

Security Advisory Description When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queries can cause the Traffic Management Microkernel TMM to terminate. CVE-2024-21763 Impact Traffic is disrupted while the TMM process restarts...

7.5CVSS7.7AI score0.00515EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2024/02/14 1:19 p.m.37 views

K000137595: BIG-IP AFM signature matching vulnerability CVE-2024-21771

Security Advisory Description For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel TMM restarting and traffic disruption. CVE-2024-21771 Impact When attackers exploit this...

7.5CVSS7.5AI score0.00515EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.25 views

F5 Networks BIG-IP : BIG-IP AFM vulnerability (K000137521)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137521 advisory. When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queri...

7.5CVSS7.4AI score0.00515EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/14 12:0 a.m.7 views

F5 BIG-IP AFM Code Issue Vulnerability

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. A security vulnerability exists in the F5 BIG-IP AFM that stems from an undisclosed query that could cause the Traffic Management Microkernel TMM to terminate when the BIG-IP AFM appliance DoS or DoS...

7.5CVSS6.7AI score0.00515EPSS
Exploits0References3
Fedora
Fedora
added 2024/01/25 12:41 a.m.29 views

[SECURITY] Fedora 39 Update: fonttools-4.43.1-1.fc39

fontTools is a library for manipulating fonts, written in Python. The project includes the TTX tool, that can convert TrueType and OpenType fonts to and from an XML text format, which is also called TTX. It supports TrueType, OpenType, AFM and to an extent Type 1 and some Mac-specific formats...

7.5CVSS7.4AI score0.01238EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/01/25 12:0 a.m.10 views

Fedora: Security Advisory (FEDORA-2024-6d1d9f70d2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01238EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.19 views

F5 Networks BIG-IP : BIG-IP AFM vulnerability (K14703097)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.2 / 14.1.2.1 / 15.0.1.1 / 15.1.0. It is, therefore, affected by a vulnerability as referenced in the K14703097 advisory. - On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, and 13.1.0-13.1.3.1, when bad-actor detection is...

7.5CVSS7.4AI score0.01204EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.4 views

F5 BIG-IP AFM Security Vulnerability

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. A security vulnerability exists in the F5 BIG-IP AFM Clients that stems from a vulnerability that allows an attacker to trick clients into sending IP traffic outside of the VPN tunnel...

7.1CVSS6.7AI score0.00154EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/14 12:0 a.m.32 views

F5 Networks BIG-IP : BIG-IP AFM vulnerability (K46048342)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8 / 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K46048342 advisory. - On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8,...

7.5CVSS7.4AI score0.00626EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 8:2 p.m.260 views

K30425568: Overview of F5 vulnerabilities (October 2022)

Security Advisory Description On October 19, 2022, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...

8.8CVSS6.2AI score0.011EPSS
Exploits2
F5 Networks
F5 Networks
added 2023/02/21 8:2 p.m.42 views

K22843911: F5 Path MTU Discovery vulnerability CVE-2015-7759

Security Advisory Description BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service Traffic Management Microkernel TM...

4.3CVSS4.9AI score0.01516EPSS
Exploits0Affected Software8
F5 Networks
F5 Networks
added 2023/02/21 7:55 p.m.38 views

K14703097: BIG-IP AFM vulnerability CVE-2019-6672

Security Advisory Description When bad-actor detection is configured on a wildcard virtual server on platforms with hardware-based sPVA, the performance of the BIG-IP AFM system is degraded. CVE-2019-6672 Impact The affected BIG-IP AFM system's CPU usage increases and may cause the legitimate...

7.5CVSS7.3AI score0.01204EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 7:33 p.m.46 views

K94255403: BIG-IP AFM vulnerability CVE-2021-23040

Security Advisory Description A SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. CVE-2021-23040 Impact An authenticated attacker can exploit this vulnerability to execute malicious SQL...

8.8CVSS8.7AI score0.00995EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 7:31 p.m.36 views

K16349: Linux kernel vulnerability CVE-2009-0676

Security Advisory Description Description The sockgetsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SOBSDCOMPAT getsockopt reques...

2.1CVSS4AI score0.00701EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 7:30 p.m.20 views

K05204103: F5 TMM vulnerability CVE-2020-5950

Security Advisory Description An early syncookie leaks forwarding flows if the virtual server has Clustered Multiprocessing CMP disabled and the BIG-IP AFM module is provisioned. CVE-2020-5950 Impact The BIG-IP system resources may be excessively consumed and potentially lead to a failover event...

5.3CVSS5.5AI score0.01043EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 7:27 p.m.39 views

K12650: PHP vulnerability CVE-2010-4645

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...

5CVSS9AI score0.15103EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.33 views

K61002104: BIG-IP AFM and PEM TMUI XSS vulnerability CVE-2019-6639

Security Advisory Description Undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting XSS issue. This is a control plane issue only and is not accessible from the data plane. The attack requires a malicious resource administrator to store the...

4.8CVSS5.1AI score0.00677EPSS
Exploits0Affected Software2
Rows per page
Query Builder