108 matches found
F5 BIG-IP ASM Denial of Service Vulnerability (CNVD-2020-74859)
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A denial of service vulnerability exists in the F5 BIG-IP ASM product, which can be exploited by an attacker who can trigger a...
CVE-2020-5928
In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, BIG-IP ASM Configuration utility CSRF protection token can be reused multiple times...
CVE-2020-5927
In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2.6, BIG-IP ASM Configuration utility Stored-Cross Site Scripting...
CVE-2020-5914
In BIG-IP ASM versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, undisclosed server cookie scenario may cause BD to restart under some circumstances...
CVE-2019-6682
On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP ASM system may consume excessive resources when processing certain types of HTTP responses from the origin web server. This vulnerability is only known to affect resource-constrained...
Unspecified vulnerability in F5 BIG-IP ASM (CNVD-2019-47430)
F5 BIG-IP ASM is a Web Application Firewall WAF from F5 USA that provides secure remote access, protects email, and simplifies Web access control while enhancing network and application performance. A security vulnerability exists in F5 BIG-IP ASM version 15.0.1 that stems from the program not...
F5 BIG-IP ASM Information Disclosure Vulnerability
F5 BIG-IP ASM is a Web Application Firewall WAF from F5 USA that provides secure remote access, protects email, and simplifies Web access control while enhancing network and application performance. A security vulnerability exists in the F5 BIG-IP ASM. An attacker could exploit the vulnerability ...
PT-2019-18232 · F5 · F5 Big-Ip Apm
Name of the Vulnerable Software and Affected Versions: F5 BIG-IP ASM versions 11.5.1 through 11.5.9 F5 BIG-IP ASM versions 11.6.0 through 11.6.4 F5 BIG-IP ASM versions 12.1.0 through 12.1.4.1 F5 BIG-IP ASM versions 13.0.0 through 13.1.1.5 F5 BIG-IP ASM versions 14.0.0 through 14.0.0.5 F5 BIG-IP A...
F5 BIG-IP Cross-Site Scripting Vulnerability (CNVD-2019-30620)
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in the AFM feed list in the F5 BIG-IP AFM and ASM, which can be exploited by an...
F5 BIG-IP Application Security Manager Resource Management Error Vulnerability
F5 BIG-IP Application Security Manager ASM is a Web Application Firewall WAF from F5 USA that provides secure remote access, protects email, and simplifies Web access control while enhancing network and application performance. A resource management error vulnerability exists in F5 BIG-IP...
CVE-2019-6637
On BIG-IP ASM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, Application logic abuse of ASM REST endpoints can lead to instability of BIG-IP system. Exploitation of this issue causes excessive memory consumption which results in the Linux kernel triggering OOM killer on...
F5 Networks BIG-IP : BIG-IP SNMPD vulnerability (K12139752)
Under certain conditions, the snmpd process may leak memory on a multi-blade BIG-IP Virtual Clustered Multiprocessing vCMP guest when processing authorized SNMP requests. CVE-2019-6608 Impact Over time, the snmpd process consumes excessive memory, forcing the BIG-IP system to slow down and...
F5 Networks BIG-IP : SSL forward proxy vulnerability (K64552448)
Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic. CVE-2018-5534 Impact This vulnerability may allow a remote attacker to cause the Traffic Management Microkernel TMM to produc...
CVE-2018-5541
When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process...
F5 BIG-IP Denial of Service Vulnerability (CNVD-2018-14718)
F5 BIG-IP ASM Application Security Manager is a Web Application Firewall WAF from F5 USA that provides secure remote access, protects email, and simplifies Web access control while enhancing network and application performance. A security vulnerability exists in F5 BIG-IP ASM versions 13.1.0...
CVE-2018-5526
Under certain conditions, on F5 BIG-IP ASM 13.1.0-13.1.0.5, Behavioral DOS BADOS protection may fail during an attack...
F5 BIG-IP AFM and ASM Unauthorized Access Vulnerability
F5 BIG-IP AFM and ASM are both products of F5 Corporation of the U.S.A. F5 BIG-IP AFM is an advanced firewall product designed to mitigate DDos attacks, and ASM is a Web Application Firewall WAF that provides secure remote access, protects email, and simplifies Web access control while enhancing...
CVE-2016-7472
F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service DoS via a crafted HTTP request...
CVE-2016-7472
F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service DoS via a crafted HTTP request...
CVE-2018-5505
On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both provisioned, TMM may restart while processing DNS requests when the virtual server is configured with a DNS profile and the Protocol setting is set to TCP...