The vulnerability of the IPv6 traffic processing services in Cisco IOS XR and Cisco NX-OS systems allows attackers to enhance their privileges.

The vulnerability of the IPv6 traffic processing service in Cisco IOS XR and Cisco NX-OS lies in errors in handling IPv6 traffic. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

Cisco IOS XR Software IPv6 Access Control List Bypass (cisco-sa-ipv6-acl-CHgdYk8j)

A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access control list ACL that is configured for an interface of an affected device. The vulnerability is due to improper processing of...

Improper access control

A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access control list ACL that is configured for an interface of an affected device. The vulnerability is due ...

CVE-2020-27724

In BIG-IP APM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, on systems running more than one TMM instance, authenticated VPN users may consume excessive resources by sending specially-crafted malicious traffic ove...

F5 Networks BIG-IP : BIG-IP APM VDI plugin vulnerability (K73657294)

Under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption.CVE-2020-27722 Impact This affects only a BIG-IP APM virtual server configured with a Virtual Desktop InfrastructureVDI profile. Your BIG-IP system affected by this...

F5 Networks BIG-IP : BIG-IP APM vulnerability (K51574311)

When a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel TMM stops responding and restarts.CVE-2020-27716 Impact Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, the...

The vulnerability of the IP traffic processing function in Cisco IOS XE routers with integrated Cisco services series 4461 allows a attacker to cause a service failure.

The vulnerability of the IP traffic processing function in Cisco IOS XE routers with integrated Cisco services from the 4461 series is related to errors in traffic processing. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the IPv6 traffic processing service of the StarOS operating system, allowing a hacker to trigger a service failure

The vulnerability of the IPv6 traffic processing service of the StarOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of Cisco Small Business network device software related to IPv6 traffic processing errors allows a perpetrator to cause service interruptions.

The vulnerability of Cisco Small Business network devices’ microprogramming software is related to errors in handling IPv6 traffic. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

F5 Networks BIG-IP : TMM SCTP vulnerability (K26464312)

The Traffic Management Microkernel TMM may stop responding when processing Stream Control Transmission Protocol SCTP traffic when traffic volume is high. This vulnerability affects TMM by way of a virtual server configured with an SCTP profile.CVE-2020-5918 Impact Traffic processing is disrupted...

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K50046200)

The Traffic Management Microkernel TMM process may produce a core file when using the connector profile and a specific sequence of connections are received. CVE-2020-5854 Impact The BIG-IP system temporarily fails to process traffic as it recovers from a TMMrestart, and devices configured in a...

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K76328112)

BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subject to excessive flow usage under undisclosed conditions. CVE-2019-6683 Impact This vulnerability is present only on BIG-IP Virtual Edition VE systems with limited bandwidth licenses. BIG-IP VE products with...

F5 Networks BIG-IP : BIG-IP ASM memory exhaustion vulnerability (K40452417)

The BIG-IP ASM system may consume excessive resources when processing certain types of HTTP responses from the origin web server. This vulnerability is only known to affect resource-constrained systems in which the security policy is configured with response-side features, such as Data Guard or...

F5 Networks BIG-IP : TMM vulnerability (K23860356)

iRules performing HTTP header manipulation may cause a denial-of-serviceDoS when processing traffic handled by a virtual server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs.CVE-2019-6660 Impact The affected BIG-IP system's Traffic...

F5 BIG-IP Input Validation Error Vulnerability (CNVD-2020-00244)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. An input validation error vulnerability exists in F5 BIG-IP, which can be exploited by an attacker to cause the TMM to stop...

CVE-2019-6680

CVE-2019-6680 affects F5 BIG-IP TMM FastL4 when a standard virtual server targets a FastL4 virtual server on the same BIG-IP system. Affected versions: 15.0.0–15.0.1; 14.1.0–14.1.2; 14.0.0–14.0.1; 13.1.0–13.1.3.2; 12.1.0–12.1.5; 11.5.2–11.6.5. The issue may cause the hardware appliance to stop re...

CVE-2019-6677

On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, under certain conditions when using custom TCP congestion control settings in a TCP profile, TMM stops processing traffic when processed by an iRule...

SpotAuditor 'Base64' Denial of Service Vulnerability

SpotAuditor is a useful password recovery software for recovering passwords stored in your computer, which is mainly used to get the list of passwords that have been saved in the local computer, the list of access URLs, and the list of programs that have been launched. A denial of service...

CVE-2019-6667

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX Financial Information eXchange profile applied...

Cisco Extends Patch for IPv6 DoS Vulnerability

Cisco has extended its patch for a high-severity IPv6 denial-of-service DoS vulnerability that was first addressed in 2016. The bug CVE-2016-1409 is a vulnerability in the IPv6 packet processing functions of multiple Cisco products, which could allow an unauthenticated, remote attacker to cause a...