CVE-2022-23011

On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3, virtual servers may stop responding while processing TCP traffic due to an issue in the SYN Cookie Protection feature. Note: Software versions which have reached End of Technical Support EoTS are not...

EUVD-2019-16214

Malware in sbrugna...

EUVD-2020-27083

Malware in sbrugna...

EUVD-2022-28122

Malicious code in bioql PyPI...

CVE-2020-5929

In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous ADH or Ephemeral DHE Diffie-Hellman key exchange and Single DH use option not enable...

CVE-2020-5947

In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 200...

CVE-2019-6655

On versions 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, and 11.5.1-11.5.9, BIG-IP platforms where AVR, ASM, APM, PEM, AFM, and/or AAM is provisioned may leak sensitive data...

K23440942: Insufficient validation of ICMP error messages CVE-2004-0790 (11.x - 13.x)

Security Advisory Description The vulnerability described in this article was initially fixed in earlier versions, but a regression was reintroduced in BIG-IP 12.x through 13.x. For information about earlier versions, refer to K4583: Insufficient validation of ICMP error messages - VU222750 /...

K35358312: TCP vulnerability CVE-2015-8099

Security Advisory Description Under limited conditions, an invalid TCP segment can lead to a Denial of Service for the High-Speed Bridge HSB on the following platforms: 3900, 6900, 8900, 8950, 11000, 11050, PB100 or PB200. This issue is only exposed on virtual servers while Software SYN cookies a...

K55102452: TMM vulnerability CVE-2017-6140

Security Advisory Description Undisclosed sequence of packets sent to Virtual Servers with client or server SSL profiles using AES-GCM cipher suites may cause disruption of data plane services. CVE-2017-6140 This vulnerability affects the following BIG-IP platforms: 2000s, 2200s, 4000s, 4200v,...

K17269881: Intel MCE vulnerability CVE-2018-12207

Security Advisory Description Improper invalidation for page table updates by a virtual guest operating system for multiple IntelR Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. CVE-2018-12207 Impact A privileged guest user...

K16846: IPMI vulnerability CVE-2013-4786

Security Advisory Description The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

Vulnerability fixed in F5 BIG-IP

F5 Networks has fixed a vulnerability in a limited number of BIG-IP platforms. The vulnerability allows a malicious party with network access to the vulnerable system may be able to retrieve TCP sequence numbers used in previous, independent TCP connections. These sequence numbers can be used by...

CVE-2020-5929

In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous ADH or Ephemeral DHE Diffie-Hellman key exchange and Single DH use option not enable...

Design/Logic Flaw

In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous ADH or Ephemeral DHE Diffie-Hellman key exchange and Single DH use option not enable...