Lucene search
+L

70 matches found

F5 Networks
F5 Networks
added 2023/02/01 1:27 p.m.20 views

K56676554: BIG-IP HTTP/2 profile vulnerability CVE-2023-22664

Security Advisory Description When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2023-22664 Impact System performance can degrade until the Traffic Management Microkernel...

7.5CVSS7.5AI score0.00626EPSS
Exploits0Affected Software14
CNVD
CNVD
added 2023/02/01 12:0 a.m.27 views

F5 BIG-IP AWAF and ASM Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in F5 BIG-IP AWAF and ASM, where when a BIG-IP Advanced WAF or BIG-IP ASM security...

7.5CVSS4.1AI score0.01545EPSS
Exploits0References1
CNVD
CNVD
added 2023/02/01 12:0 a.m.66 views

F5 BIG-IP HTTP/2 profile denial of service vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP HTTP/2 profile, when enabling the client HTTP/2 profile and HTTP MR...

7.5CVSS1.8AI score0.00626EPSS
Exploits0References1
Prion
Prion
added 2022/10/19 10:15 p.m.19 views

Design/Logic Flaw

In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization...

5CVSS7.5AI score0.00616EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/19 10:15 p.m.17 views

Design/Logic Flaw

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when a SIP profile is configured on a virtual server, undisclosed messages can cause an increase in memory resource utilization...

5CVSS7.5AI score0.00616EPSS
Exploits0References1Affected Software11
Prion
Prion
added 2022/10/19 10:15 p.m.20 views

Design/Logic Flaw

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1.x before 15.1.7, 14.1.x before 14.1.5.2, and 13.1.x before 13.1.5.1, when a sideband iRule is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization...

5CVSS7.5AI score0.00616EPSS
Exploits0References1Affected Software11
Cvelist
Cvelist
added 2022/10/19 9:21 p.m.28 views

CVE-2022-41770 BIG-IP and BIG-IQ iControl REST vulnerability CVE-2022-41770

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iControl REST user can cause an increase in memory resource utilization, via undisclosed requests...

6.5CVSS6.6AI score0.00595EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/19 9:19 p.m.7 views

CVE-2022-41624 BIG-IP iRules vulnerability CVE-2022-41624

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1.x before 15.1.7, 14.1.x before 14.1.5.2, and 13.1.x before 13.1.5.1, when a sideband iRule is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization...

7.5CVSS7.5AI score0.00616EPSS
Exploits0References1
CVE
CVE
added 2022/10/19 9:19 p.m.81 views

CVE-2022-41624

CVE-2022-41624 affects BIG-IP iRules vulnerability. When a sideband iRule is configured on a virtual server, undisclosed traffic can cause memory resource utilization to rise, potentially degrading system performance. Affected BIG-IP versions (per advisory K43024307) include: 17.0.x before 17.0.0...

7.5CVSS7.6AI score0.00616EPSS
Exploits0References1Affected Software11
Tenable Nessus
Tenable Nessus
added 2022/10/19 12:0 a.m.38 views

F5 Networks BIG-IP : BIG-IP iRules vulnerability (K43024307)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5.1 / 14.1.5.2 / 15.1.7 / 16.1.3.2 / 17.0.0.1 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K43024307 advisory. - In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1....

7.5CVSS7.4AI score0.00616EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/19 12:0 a.m.24 views

F5 Networks BIG-IP : BIG-IP AFM NAT64 policy vulnerability (K00721320)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 16.1.3.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K00721320 advisory. - In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address...

7.5CVSS7.4AI score0.00616EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/08/04 5:46 p.m.23 views

CVE-2022-33203 BIG-IP APM and F5 SSL Orchestrator vulnerability CVE-2022-33203

In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when a BIG-IP APM access policy with Service Connect agent is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have...

7.5CVSS7.7AI score0.00681EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/04 12:0 a.m.8 views

PT-2022-22645 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 14.1.x through 14.1.5 BIG-IP versions 15.1.x through 15.1.6.1 BIG-IP versions 16.1.x through 16.1.2.2 Description: When an HTTP2 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory...

7.5CVSS7.3AI score0.00681EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/08/03 12:0 a.m.31 views

F5 Networks BIG-IP : BIG-IP Message Routing MQTT vulnerability (K28405643)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K28405643 advisory. - In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5,...

7.5CVSS7.5AI score0.00681EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/08/03 12:0 a.m.24 views

F5 Networks BIG-IP : HTTP2 profile vulnerability (K79933541)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K79933541 advisory. - In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5,...

7.5CVSS7.5AI score0.00681EPSS
Exploits0References2
CNVD
CNVD
added 2022/08/03 12:0 a.m.47 views

F5 BIG-IP HTTP2 profile denial of service vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP HTTP2 profile, which stems from the fact that when configuring the...

7.5CVSS2.9AI score0.00681EPSS
Exploits0References1
Prion
Prion
added 2022/05/05 5:15 p.m.23 views

Default credentials

On F5 BIG-IP 15.1.x versions prior to 15.1.0.2, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when a DNS listener is configured on a virtual server with DNS queueing default, undisclosed requests can cause an increase in memory resource...

4.3CVSS7.4AI score0.00843EPSS
Exploits0References1Affected Software11
CVE
CVE
added 2022/05/05 4:26 p.m.91 views

CVE-2022-26372

CVE-2022-26372 affects F5 BIG-IP DNS profile: when a DNS listener on a virtual server uses DNS queueing (default), undisclosed requests can cause memory resource utilization to spike, leading to degraded performance or DoS. Affected branches and fixes per VULNERABILITY docs: BIG-IP 15.1.x before ...

7.5CVSS7.5AI score0.00843EPSS
Exploits0References1Affected Software11
Cvelist
Cvelist
added 2022/05/05 4:26 p.m.22 views

CVE-2022-26372

On F5 BIG-IP 15.1.x versions prior to 15.1.0.2, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when a DNS listener is configured on a virtual server with DNS queueing default, undisclosed requests can cause an increase in memory resource...

7.5CVSS7.6AI score0.00843EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/05/05 12:0 a.m.20 views

F5 Networks BIG-IP : DNS profile vulnerability (K23454411)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.0.2 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K23454411 advisory. - On F5 BIG-IP 15.1.x versions prior to 15.1.0.2, 14.1.x versions prior to 14.1.4.6, 13.1.x...

7.5CVSS7.5AI score0.00843EPSS
Exploits0References2
Rows per page
Query Builder