83 matches found
CVE-2021-23035
On BIG-IP 14.1.x before 14.1.4.4, when an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluat...
CVE-2021-23042
On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, and 12.1.x before 12.1.6, when an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization. Note: Software versio...
Code injection
On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, and 12.1.x before 12.1.6, when an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization. Note: Software versio...
CVE-2021-23042
CVE-2021-23042 affects BIG-IP when an HTTP profile is configured on a virtual server, causing undisclosed requests to significantly increase system resource utilization. Affected versions are BIG-IP 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, and 12.1...
F5 Networks BIG-IP : BIG-IP VE TMM vulnerability (K10251014)
BIG-IP Virtual Edition VE may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings. CVE-2020-5887 Impact The vulnerability can occur on BIG-IP VE systems with the following configuration : An IPv6 forwarding virtual server An IPv6 floating self IP...
F5 Networks BIG-IP : BIG-IP HTTP/2 vulnerability (K81557381)
When the BIG-IP system is configured in HTTP/2 full proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel TMM. CVE-2019-6673 Impact An attacker may be able to use a specifically crafted request to cause a disruption of service...
CVE-2019-6631
On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs...
Design/Logic Flaw
On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs...
CVE-2019-6631
On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs...
F5 Networks BIG-IP : BIG-IP HTTP profile vulnerability (K19501795)
iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs. CVE-2019-6631 Impact The BIG-IP system Traffic...
F5 Networks BIG-IP : TMM vulnerability (K64208870)
Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default 'normalize URI' configuration options used in iRules and/or BIG-IP LTM policies. CVE-2018-15319 Impact An attacker may be able to disrupt traffic or cause the...
Design/Logic Flaw
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies...
CVE-2018-15319
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies...
CVE-2018-15319
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies...
CVE-2018-15319
CVE-2018-15319 affects F5 BIG-IP TMM when HTTP profiles or iRules use the non-default Normalize URI options. Affected: BIG-IP 14.0.0–14.0.0.2, 13.0.0–13.1.1.1, 12.1.0–12.1.3.6. Root cause: certain HTTP URI/Use normalized URI configurations allow malicious requests to trigger TMM restart. Impact: ...
CVE-2018-15319
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies...
CVE-2017-6138
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of...
Design/Logic Flaw
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of...
CVE-2017-6138
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of...
F5 BIG-IP - TMM vulnerability CVE-2016-9245
Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted...