Lucene search
+L

193 matches found

CVE
CVE
added 2022/08/04 5:48 p.m.101 views

CVE-2022-34862

CVE-2022-34862 affects BIG-IP TMM data normalization in LTM when processing undoc’d requests, causing TMM termination (DoS). Affected: BIG-IP versions 13.1.x (13.1.0–13.1.5), 14.1.x (14.1.0–14.1.4), 15.1.x (15.1.0–15.1.6.0/1), 16.1.x (16.1.0–16.1.3). Fixes are in 17.0.0 (for 16.x), 16.1.3.1 (for ...

7.5CVSS7.6AI score0.01074EPSS
Exploits1References1Affected Software11
CVE
CVE
added 2022/08/04 5:47 p.m.93 views

CVE-2022-34651

CVE-2022-34651 affects BIG-IP TLS 1.3 in LTM when a TLS 1.3-enabled Client or Server SSL profile is on a virtual server and an iRule calls HTTP::respond. The TMM can terminate, causing DoS due to TMM restart. Affected branches include BIG-IP 16.1.0–16.1.3 (fixed in 16.1.3.1), 15.1.0–15.1.6 (fixed...

7.5CVSS7.6AI score0.00681EPSS
Exploits0References1Affected Software11
Cvelist
Cvelist
added 2022/08/04 5:47 p.m.27 views

CVE-2022-33968 BIG-IP LTM and APM NTLM vulnerability CVE-2022-33968

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read...

3.7CVSS5.7AI score0.00461EPSS
Exploits0References1
CVE
CVE
added 2022/08/04 5:46 p.m.116 views

CVE-2022-32455

CVE-2022-32455 affects F5 BIG-IP TMM when a LTM Client SSL profile on a virtual server uses client certificate authentication with session tickets enabled. Undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate, resulting in a DoS as the TMM restarts. Affected branch...

7.5CVSS7.7AI score0.00453EPSS
Exploits0References1Affected Software11
Positive Technologies
Positive Technologies
added 2022/08/04 12:0 a.m.8 views

PT-2022-22400 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 13.1.x BIG-IP versions 14.1.x before 14.1.5 BIG-IP versions 15.1.x before 15.1.6.1 BIG-IP versions 16.1.x before 16.1.3.1 Description: When an LTM virtual server is configured to perform normalization, undisclosed requests can...

7.5CVSS7.4AI score0.01074EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:0 p.m.2 views

CVE-2022-33968

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read...

4.9CVSS6.1AI score0.00461EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/08/03 12:0 a.m.27 views

F5 BIG-IP TMM Data Normalization Infinite Loop Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An infinite loop vulnerability in F5 BIG-IP TMM data normalization stems from the fact that when an LTM virtual server is...

7.5CVSS2.4AI score0.01074EPSS
Exploits1References1
CNVD
CNVD
added 2022/08/03 12:0 a.m.29 views

F5 BIG-IP TMM ClientSSL Profile Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM ClientSSL profile, which stems from the vulnerability when the...

7.5CVSS3.1AI score0.00453EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/08/03 12:0 a.m.27 views

F5 Networks BIG-IP : BIG-IP LTM and APM NTLM vulnerability (K23465404)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.1 / 15.1.6.1 / 16.1.3.1 / 17.0.0.1 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K23465404 advisory. - In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before...

4.9CVSS5.8AI score0.00461EPSS
Exploits0References2
Prion
Prion
added 2022/05/05 5:15 p.m.23 views

Code injection

On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side client/server, and DTLS on the other...

5CVSS7.5AI score0.00868EPSS
Exploits0References1Affected Software4
CVE
CVE
added 2022/05/05 4:49 p.m.104 views

CVE-2022-29491

CVE-2022-29491 affects BIG-IP LTM, Advanced WAF, ASM, and APM. When a virtual server is configured with HTTP, TCP on one side and DTLS on the other, undisclosed requests can cause the TMM process to terminate, resulting in a DoS (service disruption) with potential data-plane impact. The vulnerabi...

7.5CVSS7.6AI score0.00868EPSS
Exploits0References1Affected Software4
NVD
NVD
added 2022/01/25 8:15 p.m.36 views

CVE-2022-23021

On BIG-IP version 16.1.x before 16.1.2, when any of the following configurations are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate: HTTP redirect rule in an LTM policy, BIG-IP APM Access Profile, and Explicit HTTP Proxy in HTTP...

7.5CVSS0.0092EPSS
Exploits0References1
OSV
OSV
added 2020/12/24 4:15 p.m.9 views

CVE-2020-27720

On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation PBA mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed traffic pattern may...

7.5CVSS7.1AI score0.01423EPSS
Exploits0References1
Prion
Prion
added 2020/12/24 4:15 p.m.28 views

Design/Logic Flaw

On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation PBA mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed traffic pattern may...

4.3CVSS7.5AI score0.01423EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2020/12/24 3:15 p.m.24 views

CVE-2020-27721

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.1, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, in a BIG-IP DNS / BIG-IP LTM GSLB deployment, under certain circumstances, the BIG-IP DNS system may stop using a BIG-IP LTM virtual server for DNS response...

7.5CVSS7.5AI score0.01002EPSS
Exploits0References1
CVE
CVE
added 2020/12/24 3:15 p.m.81 views

CVE-2020-27720

CVE-2020-27720 affects F5 BIG-IP LTM/CGNAT where processing NAT66 traffic with Port Block Allocation (PBA) mode and SP-DAG enabled, with dag-ipv6-prefix-len under 128, may trigger a restart of the Traffic Management Microkernel (TMM). Affected versions include 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14...

7.5CVSS7.4AI score0.01423EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/12/24 3:15 p.m.39 views

CVE-2020-27720

On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation PBA mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed traffic pattern may...

7.5AI score0.01423EPSS
Exploits0References1
Prion
Prion
added 2020/12/24 3:15 p.m.21 views

Code injection

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.1, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, in a BIG-IP DNS / BIG-IP LTM GSLB deployment, under certain circumstances, the BIG-IP DNS system may stop using a BIG-IP LTM virtual server for DNS response...

4.3CVSS7.5AI score0.01002EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2020/12/24 2:52 p.m.80 views

CVE-2020-27721

F5 BIG-IP DNS / LTM GSLB vulnerability CVE-2020-27721 can cause the BIG-IP DNS system to stop using a BIG-IP LTM virtual server for DNS responses, leading to DoS. Affected versions include 16.0.0–16.0.0.1, 15.1.0–15.1.1, 14.1.0–14.1.3, 13.1.0–13.1.3.5, 12.1.0–12.1.5.2, and 11.6.1–11.6.5.2. Root c...

7.5CVSS7.5AI score0.01002EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2020/12/17 12:0 a.m.6 views

F5 BIG-IP LTM/CGNAT Security Vulnerability

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other functions from F5 Corporation. A security vulnerability exists in F5 BIG-IP LTM/CGNAT, which can be exploited by an attacker to trigger a denial of...

7.5CVSS7.1AI score0.01423EPSS
Exploits0References4
Rows per page
Query Builder