324 matches found
K58290051: BIG-IP AFM vulnerability CVE-2020-5937
Security Advisory Description The Traffic Management Microkernel TMM may produce a core file while processing layer 4 L4 behavioral denial-of-service DoS traffic. CVE-2020-5937 Impact The BIG-IP system may temporarily fail to process traffic as it recovers from a TMM restart, and devices configur...
K72423000: The BIG-IP AFM ACL and IPI features may not function as designed
Security Advisory Description This issue occurs when all of the following conditions are met: You have provisioned and configured the BIG-IP AFM module. Your system has active TCP half-open mitigations. Impact Some BIG-IP AFM features like access control lists ACLs and IP Intelligence IPI are not...
K25160703: BIG-IP AFM vulnerability CVE-2020-5920
Security Advisory Description A vulnerability in the BIG-IP AFM Configuration utility may allow any authenticated BIG-IP user to perform a read-only blind SQL injection attack. CVE-2020-5920 Impact An attacker may be able to extract table name enumeration and user account names. All other data...
K60344652: BIG-IP AFM vulnerability CVE-2020-27714
Security Advisory Description On the BIG-IP AFM, when a Protocol Inspection Profile is attached to a FastL4 virtual server with the protocol field configured to either Other or All Protocols, the TMM may experience a restart if the profile processes non-TCP traffic. CVE-2020-27714 Impact The...
K92306170: BIG-IP AFM single endpoint flood/sweep DoS vector security exposure
Security Advisory Description BIG-IP AFM single endpoint sweep and single endpoint flood DoS vector configuration states are unexpectedly disabled after updating/upgrading software to BIG-IP 14.1.0 and later. This issue occurs when all of the following conditions are met: You updated/upgraded you...
K25451853: TMUI XSS vulnerability CVE-2022-28716
Security Advisory Description A DOM-based cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP AFM, CGNAT, and PEM Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2022-28716 Impact An attacker ma...
K16101409: BIG-IP AFM vulnerability CVE-2022-23028
Security Advisory Description When global AFM SYN cookie protection TCP Half Open flood vector is activated in the AFM Device Dos or DOS profile, certain types of TCP connections will fail. CVE-2022-23028 Impact This vulnerability allows a remote attacker to cause a denial-of-service DoS on the...
K24358905: BIG-IP AFM virtual server vulnerability CVE-2022-23018
Security Advisory Description When a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23018 Impact Traffic is disrupted while the TMM process restarts. This...
K20682450: BIG-IP AFM vulnerability CVE-2017-6142
Security Advisory Description X509 certificate verification was not correctly implemented in the early access "user id" feature in the BIG-IP Advanced Firewall Manager, and thus did not properly validate the remote server's identity on certain versions of BIG-IP. CVE-2017-6142 Impact In affected...
K00721320: BIG-IP AFM NAT64 policy vulnerability CVE-2022-41806
Security Advisory Description When a BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-41806 Impact System performance can degrade until the TMM...
K54892865: BIG-IP AFM vulnerability CVE-2022-23024
Security Advisory Description When the IPsec application layer gateway ALG logging profile is configured on an IPsec ALG virtual server, undisclosed IPsec traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23024 Impact Traffic is disrupted while the TMM process...
K76518456: BIG-IP AFM vulnerability CVE-2021-22983
Security Advisory Description Authenticated users accessing the Configuration utility for AFM are vulnerable to a cross-site scripting attack if they attempt to access a maliciously-crafted URL. CVE-2021-22983 Impact BIG-IP When you access the BIG-IP system using a client that has the BIG-IP AFM...
K95010813: The BIG-IP AFM policy does not classify a DNS query name with a label length greater than 23 bytes
Security Advisory Description The BIG-IP AFM policy does not classify a DNS query name with a label length greater than 23 bytes. This issue occurs when all of the following conditions are met: You configure a port misuse policy for DNS and a service policy on the BIG-IP AFM system. The...
K21121741: BIG-IP AFM SQL injection vulnerability CVE-2019-6658
Security Advisory Description A vulnerability in the BIG-IP AFM Configuration utility may allow any authenticated BIG-IP user to run an SQL injection attack. CVE-2019-6658 Impact An attacker may be able to extract table name enumeration and user account names. All other data available through the...
K39428424: SQL injection vulnerability CVE-2017-0304
Security Advisory Description The SQL injection vulnerability in the Configuration utility is related to the BIG-IP AFM system. CVE-2017-0304 Impact An attacker can exploit this vulnerability regardless of the BIG-IP AFM provisioning configuration; however, exploiting this vulnerability does not...
K93723284: BIG-IP PEM and AFM TMUI, TMSH, and iControl REST vulnerability CVE-2022-41813
Security Advisory Description When the BIG-IP system is provisioned with the PEM or AFM module, an undisclosed input can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-41813 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote...
K16882: OpenLDAP vulnerability CVE-2013-4449
Security Advisory Description Description The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service slapd crash by unbinding immediately after a search request, which triggers rwmconndestroy to free the...
K15746: Linux kernel vulnerability CVE-2012-4542
Security Advisory Description Description block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping...
K16318: OpenSSL vulnerability CVE-2015-0287
Security Advisory Description The ASN1itemexd2i function in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service invalid wri...
SUSE CVE-2010-2642
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunctio...