CVE-2022-23026

On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, an authenticated user with low privileges, such as a guest, can upload data using an undisclosed REST endpoint causing an increase in disk resource...

EUVD-2022-38133

Malicious code in bioql PyPI...

CVE-2022-35241 NGINX Instance Manager vulnerability CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2022-35241

CVE-2022-35241 affects NGINX Instance Manager (NGINX IM) and is documented by F5 as an issue where undisclosed requests can cause increased disk resource utilization, enabling a remote, authenticated attacker to degrade system performance (DoS). Affected branches: NGINX IM 2.x (2.0.0–2.3.0) with ...

F5 NGINX Instance Manager Denial of Service Vulnerability

NGINX Instance Manager NIM is part of F5's NGINX Management Suite NMS.The NIM module provides a REST API that uses standard authentication methods and HTTP response code, among other things.A denial of service vulnerability exists in F5 NGINX Instance Manager, which stems from a When using NGINX...

Design/Logic Flaw

On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, an authenticated user with low privileges, such as a guest, can upload data using an undisclosed REST endpoint causing an increase in disk resource...

CVE-2022-23026

CVE-2022-23026 affects F5 BIG-IP ASM and Advanced WAF (REST API endpoint). An authenticated user with low privileges (e.g., guest) can upload data via an undisclosed REST endpoint, causing increased disk resource utilization. This is a control-plane issue with no data-plane exposure. According to...

F5 Networks BIG-IP : BIG-IP ASM and Advanced WAF REST API endpoint vulnerability (K08402414)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.4.1 / 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K08402414 advisory. - On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1,...