CVE-2022-23026

On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, an authenticated user with low privileges, such as a guest, can upload data using an undisclosed REST endpoint causing an increase in disk resource...

EUVD-2022-38133

Malicious code in bioql PyPI...

CVE-2022-35241

CVE-2022-35241 affects NGINX Instance Manager (NGINX IM) and is documented by F5 as an issue where undisclosed requests can cause increased disk resource utilization, enabling a remote, authenticated attacker to degrade system performance (DoS). Affected branches: NGINX IM 2.x (2.0.0–2.3.0) with ...

CVE-2022-35241 NGINX Instance Manager vulnerability CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 NGINX Instance Manager Denial of Service Vulnerability

NGINX Instance Manager NIM is part of F5's NGINX Management Suite NMS.The NIM module provides a REST API that uses standard authentication methods and HTTP response code, among other things.A denial of service vulnerability exists in F5 NGINX Instance Manager, which stems from a When using NGINX...

Design/Logic Flaw

On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, an authenticated user with low privileges, such as a guest, can upload data using an undisclosed REST endpoint causing an increase in disk resource...

CVE-2022-23026

CVE-2022-23026 affects F5 BIG-IP ASM and Advanced WAF (REST API endpoint). An authenticated user with low privileges (e.g., guest) can upload data via an undisclosed REST endpoint, causing increased disk resource utilization. This is a control-plane issue with no data-plane exposure. According to...

F5 Networks BIG-IP : BIG-IP ASM and Advanced WAF REST API endpoint vulnerability (K08402414)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.4.1 / 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K08402414 advisory. - On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1,...