70 matches found
CVE-2025-21091 BIG-IP SNMP vulnerability
When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
K000139778: BIG-IP PEM vulnerability CVE-2025-22891
Security Advisory Description When a BIG-IP PEM Control Plane Listener virtual server is configured with a Diameter Endpoint profile, undisclosed traffic can cause the virtual server to stop processing new client connections and cause an increase in memory resource utilization. CVE-2025-22891...
F5 Networks BIG-IP : BIG-IP message routing vulnerability (K000140947)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso / Hotfix-BIGIP-16.1.5.2.0.7.5-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000140947 advisory. When a BIG-IP message routing profile ...
F5 Networks BIG-IP : BIG-IP PEM vulnerability (K000139778)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000139778 advisory. When a BIG-IP PEMControl Plane Listenervirtual server is configured with...
F5 Networks BIG-IP : BIG-IP SNMP vulnerability (K000140933)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso / Hotfix-BIGIP-16.1.5.2.0.7.5-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000140933 advisory. When SNMP v1 or v2c are disabled on th...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Nginx Vulnerability Details CVEID:CVE-2024-7646 DESCRIPTION: Kubernetes ingress-nginx could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an annotation validatio...
F5 Networks BIG-IP : BIG-IP TMM vulnerability (K000138833)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5. It is, therefore, affected by a vulnerability as referenced in the K000138833 advisory. In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition VEs using Intel E810 SR-IOV NIC,...
K000139630: Expat vulnerability CVE-2023-52425
Security Advisory Description libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. CVE-2023-52425 Impact There is no impact; F5 products are not affected by this...
Code injection
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
F5 Networks BIG-IP TCP profile vulnerability (K000134652)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.9. It is, therefore, affected by a vulnerability as referenced in the K000134652 advisory. When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed...
CVE-2023-40542 BIG-IP TCP Profile vulnerability
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
K000134652: BIG-IP TCP profile vulnerability CVE-2023-40542
Security Advisory Description When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2023-40542 Impact System performance can degrade until the Traffic Management Microkernel TMM...
F5 Networks BIG-IP : BIG-IP HTTP/2 profile vulnerability (K56676554)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K56676554 advisory. - On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in versio...
F5 Networks BIG-IP : BIG-IP Packet Filters vulnerability (K31856317)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K31856317 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1....
K23454411: DNS profile vulnerability CVE-2022-26372
Security Advisory Description When a DNS listener is configured on a virtual server with DNS queueing default, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-26372 Impact System performance can degrade until the Traffic Management Microkernel TMM process is...
K00721320: BIG-IP AFM NAT64 policy vulnerability CVE-2022-41806
Security Advisory Description When a BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-41806 Impact System performance can degrade until the TMM...
K50343028: BIG-IP FastL4 profile vulnerability CVE-2022-23029
Security Advisory Description When a FastL4 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. CVE-2022-23029 Impact System performance degradation can occur until the process is either forced to restart or manually restarted. This...
K52534925: BIG-IP APM and F5 SSL Orchestrator vulnerability CVE-2022-33203
Security Advisory Description When a BIG-IP APM access policy with Service Connect agent is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-33203 Impact System performance can degrade until the Traffic Management Microkernel TMM...
CVE-2023-23552 BIG-IP Advanced WAF and ASM vulnerability
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.0 before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource...
CVE-2023-22664 BIG-IP HTTP/2 profile vulnerability
On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note:...