Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from specially crafted packets that can cause the MACsec process to terminate unexpectedly, potentially resulting in a prolong...

CVE-2021-23009

On BIG-IP version 16.0.x before 16.0.1.1 and 15.1.x before 15.1.3, malformed HTTP/2 requests may cause an infinite loop which causes a Denial of Service for Data Plane traffic. TMM takes the configured HA action when the TMM process is aborted. There is no control plane exposure, this is a data...

Security Advisory 0049

Security Advisory 0049 PDF Date: June 3, 2020 Version: 1.0 Revision | Date | Changes ---|---|--- 1.0 | June 3, 2020 | Initial Release The CVE-ID tracking this issue: CVE-2020-11622 CVSSv3.1 Base Score: 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Description: This security advisory documents the...

CVE-2020-5879

CVE-2020-5879 affects BIG-IP ASM 11.6.1–11.6.5.1, where under certain configurations the appliance sends data plane traffic to back-end servers unencrypted despite a Server SSL profile being applied. The issue is documented in F5 advisory K88474783, which notes that vulnerable releases include 11...

F5 Networks BIG-IP : Linux kernel TCP ISN vulnerability (K15301)

The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack network sessions by predicting...