Lucene search
K

788 matches found

CVE
CVE
added 2024/02/14 4:30 p.m.49 views

CVE-2024-23308

CVE-2024-23308 affects BIG-IP Advanced WAF/ASM: when a policy with a Request Body Handling option is attached to a virtual server, certain requests can trigger a NULL dereference in the BD process, causing DoS by remote unauthenticated access. Impact is Denial of Service to traffic handling (data...

7.5CVSS7.6AI score0.00515EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2024/02/14 4:30 p.m.19 views

CVE-2024-23308 BIG-IP Advanced WAF and ASM vulnerability

When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed U...

7.5CVSS7.1AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/14 4:30 p.m.31 views

CVE-2024-23308 BIG-IP Advanced WAF and ASM vulnerability

When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed U...

7.5CVSS7.7AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/14 4:30 p.m.25 views

CVE-2024-21849 BIG-IP Websockets vulnerability

When an Advanced WAF/ASM security policy and a Websockets profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

7.5CVSS7.7AI score0.00515EPSS
Exploits0References1
CVE
CVE
added 2024/02/14 4:30 p.m.49 views

CVE-2024-21849

CVE-2024-21849 affects BIG-IP with Advanced WAF/ASM configured and a Websockets profile on a virtual server. The underlying issue is that undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate, leading to a DoS condition. The vulnerability is documented as affecting B...

7.5CVSS7.6AI score0.00515EPSS
Exploits0References1Affected Software2
F5 Networks
F5 Networks
added 2024/02/14 1:55 p.m.42 views

K000137334: F5 Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM vulnerability CVE-2024-23805

Security Advisory Description Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and th...

7.5CVSS7.6AI score0.00515EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2024/02/14 1:52 p.m.33 views

K000137270: BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2024-21789

Security Advisory Description When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2024-21789 Impact System performance can degrade until the bd process is either forced to restart or is...

7.5CVSS7.6AI score0.00515EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2024/02/14 1:32 p.m.32 views

K000137416: BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2024-23308

Security Advisory Description When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based...

7.5CVSS7.6AI score0.00515EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2024/02/14 1:30 p.m.30 views

K000138047: BIG-IP Advanced WAF and BIG-IP ASM Configuration utility vulnerability CVE-2024-23603

Security Advisory Description A SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. CVE-2024-23603 Impact A highly privileged authenticated attacker can exploit this vulnerability to execute malicious SQL statements through the BIG-IP Configuration...

3.8CVSS5.7AI score0.00302EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.20 views

F5 Networks BIG-IP : BIG-IP Websockets vulnerability (K000135873)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K000135873 advisory. - When an Advanced WAF/ASM security policy and a Websockets profile are configured on a virtual server, undisclosed...

7.5CVSS7.4AI score0.00515EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.18 views

F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM vulnerability (K000137416)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137416 advisory. - When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server,...

7.5CVSS7.4AI score0.00515EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.24 views

F5 Networks BIG-IP : F5 Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM vulnerability (K000137334)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137334 advisory. - Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application...

7.5CVSS7.4AI score0.00515EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/14 12:0 a.m.4 views

PT-2024-19799 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP affected versions not specified Description: When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition...

7.5CVSS6.5AI score0.00515EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.17 views

F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM Configuration utility vulnerability (K000138047)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000138047 advisory. A SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration...

3.8CVSS5.5AI score0.00302EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.25 views

F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM and vulnerability (K000137270)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137270 advisory. - When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase...

7.5CVSS7.4AI score0.00515EPSS
Exploits0References2
NVD
NVD
added 2024/02/06 6:15 a.m.34 views

CVE-2023-33064

Transient DOS in Audio when invoking callback function of ASM driver...

5.5CVSS5.5AI score0.001EPSS
Exploits0References1
Prion
Prion
added 2024/02/06 6:15 a.m.21 views

Design/Logic Flaw

Transient DOS in Audio when invoking callback function of ASM driver...

1.7CVSS7.2AI score0.001EPSS
Exploits0References1
CVE
CVE
added 2024/02/06 5:47 a.m.118 views

CVE-2023-33064

CVE-2023-33064 is described as a Transient DoS in Audio when invoking the callback function of the ASM driver (Qualcomm chipsets). The vulnerability affects the Audio component via the ASM driver callback path and has a CVSS 3.1 base score of 5.5 (Local, Low Privileges, Low Auth, High Impact on A...

5.5CVSS5.5AI score0.001EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/06 12:0 a.m.5 views

PT-2024-12389 · Unknown · Asm Driver

Name of the Vulnerable Software and Affected Versions: ASM driver affected versions not specified Description: The issue is related to a Transient Denial of Service DOS in the Audio component when the callback function of the ASM driver is invoked. This can potentially cause disruptions in audio...

5.5CVSS5.4AI score0.001EPSS
Exploits0References4
Openbugbounty
Openbugbounty
added 2024/01/10 11:2 a.m.9 views

asm-online.de Cross Site Scripting vulnerability OBB-3830964

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder