EUVD-2017-15195

Malware in sbrugna...

EUVD-2017-0661

Malware in sbrugna...

F5 SSL Intercept iApp Command Execution Vulnerability

F5 SSL Intercept iApp is a set of templates from F5 USA for configuring security appliances for decrypting SSL traffic outbound in LTM. A security vulnerability exists in F5 SSL Intercept iApp versions 1.5.0 through 1.5.7. A remote attacker could exploit the vulnerability to modify the BIG-IP...

Command injection

F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature...

CVE-2017-0305

F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature...

CVE-2017-6130

F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery SSRF attack when deployed using the Dynamic Domain Bypass DDB feature feature plus SNAT Auto Map option for egress traffic...

CVE-2017-0305

F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature...