30 matches found
K000160486: Indicators of Compromise for c05d5254
Topic: This article provides the known indicators of compromise (IOCs) associated with malicious software c05d5254 and related activity, and actions to take if IOCs are discovered. Important: Customers that were using BIG-IP APM on a vulnerable version at any point in time regardless of current...
EUVD-2019-16197
Malware in sbrugna...
CVE-2020-5912
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the restjavad process's dump command does not follow current best coding practices and may overwrite arbitrary files...
CVE-2019-6634
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, a high volume of malformed analytics report requests leads to instability in restjavad process. This causes issues with both iControl REST and some portions of TMUI. The attack requires an authenticated user with any...
K12936322: BIG-IP restjavad vulnerability CVE-2020-5912
Security Advisory Description The restjavad process dump command does not follow current best coding practices and may overwrite arbitrary files. CVE-2020-5912 Impact A locally authenticated attacker may exploit this vulnerability by overwriting arbitrary files on the file system. Security Adviso...
K94325657: BIG-IP restjavad vulnerability CVE-2020-5880
Security Advisory Description The restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server. CVE-2020-5880 Impact A remote attacker may be able to fill...
Command injection
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the restjavad process's dump command does not follow current best coding practices and may overwrite arbitrary files...
CVE-2020-5912
CVE-2020-5912 affects F5 BIG-IP restjavad dump command. A locally authenticated attacker may overwrite arbitrary files in several BIG-IP releases. Affected: BIG-IP 11.6.1–11.6.5.1, 12.1.0–12.1.5.1, 13.1.0–13.1.3.3, 14.1.0–14.1.2.3, 15.0.0–15.0.1.3, 15.1.0–15.1.0.4. Remediation: upgrade to non‑vul...
F5 Networks BIG-IP : BIG-IP restjavad vulnerability (K12936322)
The restjavad process dump command does not follow current best coding practices and may overwrite arbitrary files. CVE-2020-5912 Impact A locally authenticated attacker may exploit this vulnerability by overwriting arbitrary files on the file system. C Tenable Network Security, Inc. The descripti...
CVE-2020-5880
On BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server...
Authorization
On BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server...
CVE-2020-5880
The CVE-2020-5880 issue affects BIG-IP RESTjavad and allows remote attackers to upload arbitrary files and bypass authorization, with error messages potentially exposing internal paths. Affected releases include BIG-IP 15.0.0–15.0.1.3 and 14.1.0–14.1.2.3. Mitigations: upgrade to 15.1.0 (15.x) or ...
F5 Networks BIG-IP : BIG-IP restjavad vulnerability (K94325657)
The restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server. CVE-2020-5880 Impact A remote attacker may be able to fill the disk storage and make the...
F5 Networks BIG-IP : BIG-IP restjavad vulnerability (K01049383)
Sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data. CVE-2019-6662 Impact When logging invalid requests, such as HTTP code 400 errors, the restjavad...
CVE-2019-6662
On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data...
Design/Logic Flaw
On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data...
CVE-2019-6662
CVE-2019-6662 affects BIG-IP restjavad; when processing invalid requests, the restjavad log includes request bodies, potentially exposing credentials and other sensitive data. Affected versions include BIG-IP 13.1.0–13.1.1; remediation is upgrading to 13.1.1.5 (or newer per vendor advisories). Ex...