Lucene search
K

195 matches found

Tenable Nessus
Tenable Nessus
added 2018/11/02 12:0 a.m.28 views

F5 Networks BIG-IP : TMM with HTTP/2 vulnerability (K45320419)

Maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue. CVE-2018-5514 Impact The BIG-IP system may temporarily fail to process traffic as it...

7.5CVSS7.3AI score0.03965EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/11/02 12:0 a.m.24 views

F5 Networks BIG-IP : BIG-IP SSL profile vulnerability (K53931245)

Under certain conditions, virtual servers configured with Client SSL or Server SSL profiles that make use of network hardware security module HSM functionality are exposed and impacted by this issue. CVE-2018-5524 Impact Malformed Transport Layer Security TLS requests sent to virtual servers usin...

5.3CVSS5.7AI score0.01719EPSS
Exploits0References2
CVE
CVE
added 2018/10/31 2:0 p.m.64 views

CVE-2018-15319

CVE-2018-15319 affects F5 BIG-IP TMM when HTTP profiles or iRules use the non-default Normalize URI options. Affected: BIG-IP 14.0.0–14.0.0.2, 13.0.0–13.1.1.1, 12.1.0–12.1.3.6. Root cause: certain HTTP URI/Use normalized URI configurations allow malicious requests to trigger TMM restart. Impact: ...

7.8CVSS7.3AI score0.01859EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/10/08 7:29 p.m.4 views

CVE-2016-7475

Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel TMM may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles...

7.5CVSS5.8AI score0.01321EPSS
Exploits0References1
OSV
OSV
added 2018/07/25 2:29 p.m.3 views

CVE-2018-5530

F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb"...

7.5CVSS5.8AI score0.01782EPSS
Exploits0References2
Prion
Prion
added 2018/07/25 2:29 p.m.23 views

Stack overflow

F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb"...

5CVSS7.5AI score0.01782EPSS
Exploits0References2Affected Software9
OSV
OSV
added 2018/07/25 2:29 p.m.2 views

CVE-2018-5536

A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module...

7.5CVSS5.8AI score0.02355EPSS
Exploits0References2
OSV
OSV
added 2018/06/27 8:29 p.m.5 views

CVE-2018-5527

On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel tmm to leak memory. As a result, system memory usage...

7.5CVSS5.8AI score0.02577EPSS
Exploits0References2
OSV
OSV
added 2018/06/01 2:29 p.m.4 views

CVE-2018-5524

Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module HSM functionality are exposed and impacted by this issue...

5.3CVSS5.8AI score0.01719EPSS
Exploits0References2
Prion
Prion
added 2018/06/01 2:29 p.m.20 views

Design/Logic Flaw

Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module HSM functionality are exposed and impacted by this issue...

5CVSS5.4AI score0.01719EPSS
Exploits0References2Affected Software11
Cvelist
Cvelist
added 2018/06/01 2:0 p.m.28 views

CVE-2018-5524

Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module HSM functionality are exposed and impacted by this issue...

5.4AI score0.01719EPSS
Exploits0References2
OSV
OSV
added 2018/05/02 1:29 p.m.5 views

CVE-2018-5514

On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue...

7.5CVSS5.8AI score0.03965EPSS
Exploits0References3
NVD
NVD
added 2018/04/13 1:29 p.m.23 views

CVE-2018-5510

On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel TMM may restart when processing a specific sequence of packets on IPv6 virtual servers...

7.5CVSS7.6AI score0.01054EPSS
Exploits0References1
OSV
OSV
added 2018/04/13 1:29 p.m.2 views

CVE-2018-5510

On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel TMM may restart when processing a specific sequence of packets on IPv6 virtual servers...

7.5CVSS5.8AI score0.01054EPSS
Exploits0References1
OSV
OSV
added 2018/03/22 6:29 p.m.6 views

CVE-2018-5502

On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client...

7.5CVSS5.8AI score0.014EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/03/22 6:0 p.m.24 views

CVE-2018-5502

On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client...

7.5AI score0.014EPSS
Exploits0References2
CVE
CVE
added 2018/03/19 9:0 p.m.78 views

CVE-2014-4024

Summary (CVE-2014-4024) : The vulnerability affects F5 BIG-IP SSL virtual servers when used with third-party SSL accelerator cards. A timing side-channel could allow remote attackers to observe activity with potential impact, under very specific conditions on local networks. Affected product fami...

5.9CVSS5.9AI score0.0162EPSS
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2018/03/19 1:0 p.m.110 views

GetAltName - Get Subject Alt Name From SSL Certificates

GetAltName it's a little script that can extract Subject Alt Names for SSL Certificates directly from HTTPS web sites which can provide you with DNS names or virtual servers. It's useful in a discovery phase of a pen-testing assessment, this tool can provide you with more information about your...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/03/19 12:0 a.m.7 views

PT-2018-4220 · F5 · F5 Big-Ip

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP systems versions 10.x through 10.2.4 before HF9 F5 BIG-IP systems versions 11.x through 11.2.1 before HF12 F5 BIG-IP systems version 11.3.0 before HF10 F5 BIG-IP systems version 11.4.0 before HF8 F5 BIG-IP systems version 11.4.1...

5.9CVSS5.7AI score0.0162EPSS
Exploits0References3
Citrix
Citrix
added 2018/02/21 12:0 a.m.7 views

Unable to See All Virtual Servers Present on an Instance Using NetScaler MAS

Unable to see all the virtual servers that are present on an instance using NetScaler MAS...

7.1AI score
Exploits0
Rows per page
Query Builder