Lucene search
K

82 matches found

OSV
OSV
added 2019/12/23 6:15 p.m.5 views

CVE-2019-6685

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution...

7.8CVSS7.2AI score0.00364EPSS
Exploits0References1
NVD
NVD
added 2019/12/23 6:15 p.m.20 views

CVE-2019-6685

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution...

7.8CVSS7.8AI score0.00364EPSS
Exploits0References1
Prion
Prion
added 2019/12/23 6:15 p.m.20 views

Privilege escalation

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution...

4.6CVSS7.8AI score0.00364EPSS
Exploits0References1Affected Software13
Cvelist
Cvelist
added 2019/12/23 5:30 p.m.24 views

CVE-2019-6685

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution...

7.8AI score0.00364EPSS
Exploits0References1
OSV
OSV
added 2019/07/03 6:15 p.m.7 views

CVE-2019-6631

On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs...

7.5CVSS5.8AI score
Exploits0References3
Prion
Prion
added 2019/07/03 6:15 p.m.23 views

Design/Logic Flaw

On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs...

5CVSS7.4AI score0.02531EPSS
Exploits0References3Affected Software13
CVE
CVE
added 2019/07/03 5:54 p.m.91 views

CVE-2019-6631

CVE-2019-6631 affects F5 BIG-IP 11.5.1–11.6.4 where iRules that manipulate HTTP headers can interrupt service for traffic on a Virtual Server with an HTTP profile when requests don’t fully conform to RFCs. Public sources note an HA failover/core-dump risk. Remediation is available via upgraded BI...

7.5CVSS7.4AI score0.02531EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/07/02 12:0 a.m.24 views

F5 Networks BIG-IP : BIG-IP HTTP profile vulnerability (K19501795)

iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs. CVE-2019-6631 Impact The BIG-IP system Traffic...

7.5CVSS7.3AI score0.02531EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/11/02 12:0 a.m.34 views

F5 Networks BIG-IP : TMM vulnerability (K64208870)

Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default 'normalize URI' configuration options used in iRules and/or BIG-IP LTM policies. CVE-2018-15319 Impact An attacker may be able to disrupt traffic or cause the...

7.8CVSS7.2AI score0.01859EPSS
Exploits0References2
OSV
OSV
added 2018/10/31 2:29 p.m.7 views

CVE-2018-15319

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies...

7.5CVSS5.8AI score0.01859EPSS
Exploits0References2
NVD
NVD
added 2018/10/31 2:29 p.m.16 views

CVE-2018-15319

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies...

7.8CVSS7.4AI score0.01859EPSS
Exploits0References2
CVE
CVE
added 2018/10/31 2:0 p.m.65 views

CVE-2018-15319

CVE-2018-15319 affects F5 BIG-IP TMM when HTTP profiles or iRules use the non-default Normalize URI options. Affected: BIG-IP 14.0.0–14.0.0.2, 13.0.0–13.1.1.1, 12.1.0–12.1.3.6. Root cause: certain HTTP URI/Use normalized URI configurations allow malicious requests to trigger TMM restart. Impact: ...

7.8CVSS7.3AI score0.01859EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/10/31 2:0 p.m.23 views

CVE-2018-15319

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies...

7.4AI score0.01859EPSS
Exploits0References2
Prion
Prion
added 2017/12/21 5:29 p.m.19 views

Design/Logic Flaw

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of...

5CVSS7.4AI score0.01585EPSS
Exploits0References2Affected Software11
Cvelist
Cvelist
added 2017/12/21 5:0 p.m.27 views

CVE-2017-6138

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of...

7.4AI score0.01585EPSS
Exploits0References2
NVD
NVD
added 2017/03/07 9:59 p.m.26 views

CVE-2016-9245

In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "Normalize URI" configuration options used in...

5.9CVSS5.5AI score0.01377EPSS
Exploits0References3
Prion
Prion
added 2017/03/07 9:59 p.m.21 views

Information disclosure

In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "Normalize URI" configuration options used in...

4.3CVSS6.8AI score0.01377EPSS
Exploits0References3Affected Software10
CVE
CVE
added 2017/03/07 9:0 p.m.58 views

CVE-2016-9245

Summary of CVE-2016-9245 (F5 BIG-IP TMM) : Affected software includes BIG-IP 12.1.0–12.1.2. Malicious requests to virtual servers with an HTTP profile can cause the TMM to restart, with exposure also when BIG-IP APM is in use and when non-default Normalize URI configurations are applied in iRules...

5.9CVSS5.8AI score0.01377EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/02/27 12:0 a.m.60 views

F5 Networks BIG-IP : TMM vulnerability (K22216037)

Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default 'Normalize URI' configuration options used in iRules and/or BIG-IP LTM policies...

5.9CVSS6.3AI score0.01377EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/01/04 12:0 a.m.21 views

F5 BIG-IP - TMM iRules vulnerability CVE-2016-5024

On a BIG-IP LTM with a virtual server configured to parse RADIUS messages via an iRule, a remote attacker may be able to cause TMM to restart using malicious network traffic. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

5.9CVSS5.8AI score0.01837EPSS
Exploits0References1
Rows per page
Query Builder