36 matches found
EUVD-2016-8327
Malware in sbrugna...
EUVD-2020-27075
Malware in sbrugna...
EUVD-2022-44879
Malicious code in bioql PyPI...
CVE-2020-5921
in BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, Syn flood causes large number of MCPD context messages destined to secondary blades consuming memory leading to MCPD failure. This issue affects only VIPRION hosts with two...
F5 Networks BIG-IP : BIG-IP and BIG-IQ mcpd vulnerability (K64829234)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.3 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K64829234 advisory. - In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all...
K87920510: BIG-IP mcpd vulnerability CVE-2019-6647
Security Advisory Description When processing authentication attempts for control-plane users, mcpd leaks a small amount of memory. Under rare conditions, attackers with access to the management interface can eventually deplete memory on the system. CVE-2019-6647 Impact Repeated failed...
K62279530: ConfigSync mcpd vulnerability CVE-2017-6161
Security Advisory Description When configuration synchronization ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypt and authenticate connections to mcpd. CVE-2017-6161 Impact This vulnerability may allow remote attackers to...
K52180214: MCPD vulnerability CVE-2016-7474
Security Advisory Description In some cases, the MCPD binary cache may allow a user with Advanced Shell access to temporarily obtain normally unrecoverable information. CVE-2016-7474 Impact A local user may have access to sensitive data such as passwords for recently created local user accounts a...
K64829234: BIG-IP and BIG-IQ mcpd vulnerability CVE-2022-41694
Security Advisory Description When an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause the mcpd process to terminate. CVE-2022-41694 Impact Traffic is disrupted while the mcpd process restarts. This vulnerability allows a remote, authenticated attacker to cause a...
K00103216: BIG-IP VIPRION MCPD vulnerability CVE-2020-5921
Security Advisory Description SYN flood causes a large number of MCPD context messages destined to secondary blades consuming memory and leading to MCPD failure. CVE-2020-5921 Impact This issue affects only VIPRION hosts with two or more blades installed, including those with Virtual Clustered...
K32121038: BIG-IP mcpd vulnerability CVE-2020-5876
Security Advisory Description A race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address of a peer, adding a new peer, or when the Traffic Management...
CVE-2022-41694
In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate...
Code injection
In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate...
CVE-2022-41694 BIG-IP and BIG-IQ mcpd vulnerability CVE-2022-41694
In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate...
CVE-2022-41694 BIG-IP and BIG-IQ mcpd vulnerability CVE-2022-41694
In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate...
CVE-2022-41694
CVE-2022-41694 affects F5 BIG-IP and BIG-IQ: when an SSL key is imported, undisclosed input can cause the mcpd process to terminate, yielding a denial-of-service on the control plane. Affected are BIG-IP 16.1.x before 16.1.3; 15.1.x before 15.1.6.1; 14.1.x before 14.1.5; all 13.1.x; BIG-IQ 8.x be...
PT-2022-26030 · F5 · F5 Big-Ip +1
Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions 13.1.x through 16.1.2 F5 BIG-IP versions 14.1.x through 14.1.4 F5 BIG-IP versions 15.1.x through 15.1.6 F5 BIG-IQ versions 7.x through 8.1.0 Description: When an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed...
CVE-2020-5921
in BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, Syn flood causes large number of MCPD context messages destined to secondary blades consuming memory leading to MCPD failure. This issue affects only VIPRION hosts with two...
Security feature bypass
in BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, Syn flood causes large number of MCPD context messages destined to secondary blades consuming memory leading to MCPD failure. This issue affects only VIPRION hosts with two...
CVE-2020-5921
CVE-2020-5921 affects BIG-IP VIPRION multi-blade platforms (two or more blades). A SYN flood drives a flood of MCPD context messages to secondary blades, causing memory exhaustion and MCPD failure; single-blade VIPRION systems are not affected. Remediation is version-specific per F5 advisory K001...