K55873574: BIG-IP ASM Configuration utility vulnerability CVE-2020-5927
Security Advisory Description BIG-IP ASM Configuration utility stored cross-site scripting. CVE-2020-5927 Impact An attacker may exploit this vulnerability by redirecting users to a malicious page. Security Advisory Status F5 Product Development has assigned ID 888489 (BIG-IP) to this vulnerability...
K40843345: BIG-IP ASM Configuration utility vulnerability CVE-2020-5928
Security Advisory Description An attacker may use the BIG-IP ASM Configuration utility cross-site request forgery (CSRF) protection token multiple times. CVE-2020-5928 Impact When the token is stolen, an attacker may be able to send POST requests to the affected BIG-IP ASM system to modify the...
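The weakness K40843345 describes is a CSRF token that remains valid for more than one request. The following is an added illustration, not F5 code and not the ASM implementation: a hypothetical guard that keeps a per-session token valid for the whole session, beside a guard that consumes each token on first use. The session identifier and the replay driver are constructed for the example.

```python
import secrets


class ReusableTokenGuard:
    """Weak pattern (hypothetical, for illustration): one token per session
    that stays valid until the session ends, so a stolen copy can be replayed
    against any number of state-changing POSTs."""

    def __init__(self):
        self._token_by_session = {}

    def issue(self, session_id):
        token = secrets.token_urlsafe(32)
        self._token_by_session[session_id] = token
        return token

    def validate(self, session_id, presented):
        expected = self._token_by_session.get(session_id)
        if expected is None:
            return False
        # Constant-time compare, but the token is never invalidated after use.
        return secrets.compare_digest(expected, presented)


class SingleUseTokenGuard:
    """Hardened pattern: every token is consumed by the first POST that
    presents it, so a replayed copy is rejected even if it was stolen intact."""

    def __init__(self, max_outstanding=8):
        self._outstanding = {}            # session_id -> set of unused tokens
        self._max_outstanding = max_outstanding

    def issue(self, session_id):
        bucket = self._outstanding.setdefault(session_id, set())
        if len(bucket) >= self._max_outstanding:
            bucket.pop()   # bound the set so one session cannot grow it forever
        token = secrets.token_urlsafe(32)
        bucket.add(token)
        return token

    def validate(self, session_id, presented):
        bucket = self._outstanding.get(session_id, set())
        match = next((t for t in bucket if secrets.compare_digest(t, presented)), None)
        if match is None:
            return False
        bucket.discard(match)   # consume it: a second presentation fails
        return True


def replay(guard, attempts=3):
    """Simulate the advisory's scenario: a token issued to the victim's session
    is stolen once and replayed `attempts` times. Returns each attempt's verdict."""
    session_id = "victim-session"   # constructed sample session id
    stolen = guard.issue(session_id)
    return [guard.validate(session_id, stolen) for _ in range(attempts)]


def forged_rejected(guard):
    """A token the server never issued must be rejected by both guards."""
    session_id = "victim-session"
    guard.issue(session_id)
    return not guard.validate(session_id, secrets.token_urlsafe(32))


if __name__ == "__main__":
    print("reusable  :", replay(ReusableTokenGuard()))    # [True, True, True]
    print("single-use:", replay(SingleUseTokenGuard()))   # [True, False, False]
```

Single-use tokens change application behaviour (multiple open forms, the back button), which is why the hardened guard keeps a small bounded set of outstanding tokens per session rather than exactly one; the property the advisory cares about is only that a token presented once cannot be presented again.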
K58102101: BIG-IP ASM vulnerability CVE-2020-27718
Security Advisory Description When the BIG-IP ASM system processes requests with JSON payload, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2020-27718 Impact When this vulnerability is exploited, the BIG-IP ASM system may take longer than...
K88230177: BIG-IP ASM WebSocket vulnerability CVE-2021-22976
Security Advisory Description When the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2021-22976 Impact When this vulnerability is exploited, the BIG-IP ASM system may take...
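K58102101 and K88230177 describe the same failure mode over HTTP and WebSocket: per-parameter processing whose cost grows with an attacker-chosen member count. The following is an added example of the upstream guard a practitioner would put in front of such processing; it is not F5 code and does not describe how the bd process counts parameters. The caps, the decision to count only object members (not array elements), and the sample bodies are assumptions of the example.

```python
import json


class TooManyParameters(ValueError):
    """Raised when a JSON body carries more members than the policy allows."""


def parse_json_bounded(raw, max_params=1000, max_bytes=256 * 1024):
    """Parse `raw` (str) while enforcing two caps before any per-parameter
    work starts: a byte cap that costs nothing to check, and a member cap
    enforced from inside the decoder via object_pairs_hook so decoding aborts
    as soon as the running total of object members exceeds max_params.
    Returns (parsed, member_count). Duplicate keys are counted, since the hook
    sees the raw pair list before dict() collapses them."""
    if len(raw) > max_bytes:
        raise TooManyParameters(f"body of {len(raw)} bytes exceeds {max_bytes}")
    seen = 0

    def count_pairs(pairs):
        nonlocal seen
        seen += len(pairs)
        if seen > max_params:
            raise TooManyParameters(f"more than {max_params} parameters")
        return dict(pairs)   # the hook fires when each object closes, innermost first

    parsed = json.loads(raw, object_pairs_hook=count_pairs)
    return parsed, seen


def build_flood(n):
    """Constructed sample: a flat object with n distinct members."""
    return json.dumps({f"p{i}": i for i in range(n)})


def is_rejected(raw, max_params):
    try:
        parse_json_bounded(raw, max_params=max_params)
    except TooManyParameters:
        return True
    return False


def member_count(raw):
    return parse_json_bounded(raw)[1]


if __name__ == "__main__":
    # constructed sample body: 2 top-level members + 2 nested members = 4
    print(member_count('{"user": "alice", "prefs": {"theme": "dark", "tz": "UTC"}}'))  # 4
    print(is_rejected(build_flood(5000), max_params=1000))  # True
```

Because object_pairs_hook only runs when an object closes, a single flat object is tokenized in full before the member cap can fire; the byte cap is what bounds that work, so the two limits must be set together. The same function applies to a WebSocket frame carrying JSON as to an HTTP body.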
K37466356: BIG-IP ASM vulnerability CVE-2020-5914
Security Advisory Description Undisclosed server cookie scenario may cause BD to restart under some circumstances. CVE-2020-5914 Impact The vulnerability allows remote attackers who have control over the backend webserver to cause a denial-of-service (DoS) attack on the BIG-IP ASM system. Security...
K52510511: Advanced WAF/ASM buffer-overflow vulnerability CVE-2021-22992
Security Advisory Description A malicious HTTP response to an Advanced WAF/ASM virtual server with Login Page configured in its policy may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may allow remote code execution (RCE), leading to complete system compromise...
K52420610: Advanced WAF and BIG-IP ASM TMUI vulnerability CVE-2021-23029
Security Advisory Description Insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (Advanced WAF) and the BIG-IP ASM Configuration utility. CVE-2021-23029 Impact An attacker with...
K56715231: TMM buffer-overflow vulnerability CVE-2021-22991
Security Advisory Description Undisclosed requests to a virtual server may be incorrectly handled by Traffic Management Microkernel (TMM) URI normalization, which may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it theoretically may allow bypass of URL based access...
K53593534: BIG-IP ASM and F5 Advanced WAF attack signature check failure on certain HTTP requests
Security Advisory Description The BIG-IP ASM and F5 Advanced Web Application Firewall (Advanced WAF) attack signature check may fail to detect and block certain HTTP requests. Impact The attack signature check fails to detect and block such requests, as expected of a security policy. Symptoms As a...
K75432956: BIG-IP ASM vulnerability CVE-2018-5539
Security Advisory Description Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file. CVE-2018-5539 Impact BIG-IP The affected BIG-IP AS...
K30911244: Advanced WAF, BIG-IP ASM, and NGINX App Protect attack signature check failure
Security Advisory Description The F5 Advanced Web Application Firewall (Advanced WAF), BIG-IP ASM, and NGINX App Protect attack signature check may fail to detect and block certain HTTP requests when some signatures are disabled on the security policy and wildcard header. Impact The attack signatur...
K67397230: BIG-IP ASM, F5 Advanced WAF, and NGINX App Protect normalizing security exposure
Security Advisory Description The BIG-IP ASM, F5 Advanced Web Application Firewall (Advanced WAF), and NGINX App Protect systems incorrectly normalize undisclosed strings. Impact The attack signature check fails to detect and block such requests, as expected of a security policy. Symptoms As a resu...
K70134152: BIG-IP ASM, F5 Advanced WAF, and NGINX App Protect encoded directory traversal security exposure
Security Advisory Description The BIG-IP ASM, F5 Advanced Web Application Firewall (Advanced WAF), and NGINX App Protect systems may fail to detect encoded directory traversal in the URL. This issue occurs when the following condition is met: The affected security policy is enabled with an evasion...
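K67397230 (incorrect normalization) and K70134152 (undetected encoded traversal) are two faces of one problem: a signature is matched against a representation of the URL that differs from the one the origin server will act on. The following is an added example, not F5 code and not a description of the undisclosed strings or evasion settings in those advisories: a literal-match check on the raw path beside a check that decodes and resolves the path first. The decode-round bound, the treatment of backslash as a separator, and the sample paths are assumptions of the example; the general class it shows (single, double and mixed encodings of `..` and `/`) is broader than what either advisory states.

```python
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3   # assumption: bound repeated decoding so %25 chains cannot loop


def fully_decode(value, rounds=MAX_DECODE_ROUNDS):
    """Percent-decode repeatedly until the string stops changing or the round
    budget is spent, so %252e (double-encoded '.') ends up as '.'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def canonicalize(raw_path):
    """Decode, unify separators and resolve '.'/'..' segments. Returns the
    canonical path and whether any '..' tried to climb above the root."""
    decoded = fully_decode(raw_path).replace("\\", "/")
    stack, escaped = [], False
    for segment in decoded.split("/"):
        if segment in ("", "."):
            continue
        if segment == "..":
            if stack:
                stack.pop()
            else:
                escaped = True      # more '..' than directories: root escape
        else:
            stack.append(segment)
    return "/" + "/".join(stack), escaped


def naive_check(raw_path):
    """Literal match on the raw URL, the kind of check an encoded traversal
    slips past because '..%2f' never contains the bytes '../'."""
    return "../" in raw_path or "..\\" in raw_path


def escapes_root(raw_path):
    return canonicalize(raw_path)[1]


SAMPLES = [   # constructed request paths, not taken from any advisory
    "/images/..%2f..%2fetc/passwd",           # encoded separator
    "/a/%2e%2e/%2e%2e/etc/passwd",            # encoded dots
    "/a/%252e%252e/%252e%252e/etc/passwd",    # double-encoded dots
    "/a/b/../c",                              # '..' that stays inside the root
    "/static/app.js",                         # benign
]


def compare(samples=SAMPLES):
    """Map each sample path to (naive verdict, normalized verdict)."""
    return {s: (naive_check(s), escapes_root(s)) for s in samples}


if __name__ == "__main__":
    for path, (naive, normalized) in compare().items():
        print(f"{path:42} naive={naive!s:5} normalized={normalized}")
```

The decision that matters is not whether to decode but how many rounds and which characters, because the check has to reproduce what the backend will do; a WAF that decodes once in front of a server that decodes twice misses `%252e%252e`, and one that decodes more aggressively than the server produces false positives. Either mismatch is a normalization exposure in the sense of K67397230.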
K14812883: BIG-IP ASM XSS vulnerability CVE-2019-6607
Security Advisory Description This is a stored cross-site scripting (XSS) vulnerability in an ASM violation viewed in the Configuration utility. In the worst case, an attacker can store a CSRF, which results in code execution as the admin user. CVE-2019-6607 The user levels that can store this atta...
K91414704: BIG-IP Advanced WAF and ASM Brute Force Protection feature may not properly support the Post-Redirect-Get application flow
Security Advisory Description The Advanced WAF and BIG-IP ASM systems may not properly support the Post-Redirect-Get (PRG) application flow implemented on a back-end web server. This issue occurs when all of the following conditions are met: You enabled brute force protection in your security polic...
K47204506: BIG-IP Advanced WAF and ASM bd vulnerability CVE-2022-41836
Security Advisory Description When an "Attack Signature False Positive Mode" enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. CVE-2022-41836 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a...
K00602225: Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23028
Security Advisory Description When JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. CVE-2021-23028 Impact Traffic ...
K40452417: BIG-IP ASM memory exhaustion vulnerability CVE-2019-6682
Security Advisory Description The BIG-IP ASM system may consume excessive resources when processing certain types of HTTP responses from the origin web server. This vulnerability is only known to affect resource-constrained systems in which the security policy is configured with response-side...
K52320548: Expat vulnerability CVE-2016-0718
Security Advisory Description An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code...
K56142644: Appliance mode Advanced WAF/ASM TMUI authenticated remote command execution vulnerability CVE-2021-22989
Security Advisory Description When running in Appliance mode with Advanced WAF or ASM provisioned, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages. CVE-2021-22989 Note: For...