6294 matches found

F5 Networks
added 2023/01/12 5:18 a.m. | 422 views

K55879220: Overview of F5 vulnerabilities (May 2022)

Security Advisory Description On May 4, 2022, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated...

CVSS: 9.8 | AI score: 6.9 | EPSS: 0.99956
Exploits: 63

F5 Networks
added 2023/02/21 6:54 p.m. | 420 views

K40084114: Overview of F5 vulnerabilities (January 2022)

Security Advisory Description On January 19, 2022, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...

CVSS: 9 | AI score: 6.7 | EPSS: 0.01112
Exploits: 0

F5 Networks
added 2023/01/24 11:29 p.m. | 410 views

K21192332: Apache HTTP Server vulnerability CVE-2022-31813

Security Advisory Description Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. CVE-2022-31813 Impact An...

CVSS: 9.8 | AI score: 9.1 | EPSS: 0.0314
Exploits: 1 | Affected Software: 1

F5 Networks
added 2023/02/21 6:55 p.m. | 407 views

K22854260: Drupal vulnerability CVE-2018-7600

Security Advisory Description Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. CVE-2018-7600 Impact There is no impact;...

CVSS: 9.8 | AI score: 9.1 | EPSS: 0.99993
Exploits: 46

F5 Networks
added 2023/02/21 6:47 p.m. | 405 views

K04463175: SNMPv2 vulnerability CVE-1999-0517

Security Advisory Description When the non-default configuration allowing remote SNMPv2 access is set, attackers may be able to access the BIG-IP system SNMPv2 service using a guessed community string. CVE-1999-0517 Note : This vulnerability does not affect SNMPv3. Impact When configured to allow...

CVSS: 7.5 | AI score: 8.7 | EPSS: 0.27166
Exploits: 3 | Affected Software: 15

F5 Networks
added 2023/02/21 6:47 p.m. | 398 views

K25238311: Microsoft Remote Desktop Services Remote Code Execution vulnerability CVE-2019-0708

Security Advisory Description A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Executi...

CVSS: 10 | AI score: 8.8 | EPSS: 0.99999
Exploits: 123

F5 Networks
added 2023/02/21 6:54 p.m. | 392 views

K25544541: PHP vulnerabilities CVE-2019-9638, CVE-2019-9639, CVE-2019-9640, and CVE-2019-9641

Security Advisory Description CVE-2019-9638 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.09395
Exploits: 5

F5 Networks
added 2023/02/21 6:19 p.m. | 384 views

K16828: Apache Tomcat vulnerability CVE-2005-2090

Security Advisory Description Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length...

CVSS: 4.3 | AI score: 6.3 | EPSS: 0.29784
Exploits: 4

F5 Networks
added 2023/02/21 6:47 p.m. | 375 views

K13167034: OpenSSL vulnerability CVE-2016-2183

Security Advisory Description The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack agains...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.95707
Exploits: 7 | Affected Software: 26

F5 Networks
added 2023/02/21 6:29 p.m. | 370 views

K3126: Large TCP window sizes may make it easier to predict sequence numbers vulnerability CVE-2004-0230

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribing to email notifications regarding F5 products. Note : Versions that are not listed in this article have not been evaluated for vulnerability to this securit...

AI score: 6.7
Exploits: 0

F5 Networks
added 2023/02/21 6:35 p.m. | 368 views

K21905460: BIG-IP SSL vulnerability CVE-2017-6168

Security Advisory Description On BIG-IP versions 11.6.0-11.6.2 fixed in 11.6.2 HF1, 12.0.0-12.1.2 HF1 fixed in 12.1.2 HF2, or 13.0.0-13.0.0 HF2 fixed in 13.0.0 HF3 a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack AKA Bleichenbacher...

CVSS: 7.4 | AI score: 7.1 | EPSS: 0.21552
Exploits: 0 | Affected Software: 9

F5 Networks
added 2016/06/24 12:0 a.m. | 364 views

SOL15168792 - Apache Struts 2 vulnerability CVE-2016-4438

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

CVSS: 9.8 | AI score: 2.8 | EPSS: 0.17171
Exploits: 2 | References: 4

F5 Networks
added 2015/10/16 12:0 a.m. | 363 views

SOL17450 - BIND vulnerabilities CVE-1999-0024 and CVE-2006-0987

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

CVSS: 5 | AI score: 2.5 | EPSS: 0.5726
Exploits: 2 | References: 4

F5 Networks
added 2023/02/21 6:48 p.m. | 361 views

K50375550: A specifically crafted HTTP request may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server (HTTP Desync Attack)

Security Advisory Description A specifically crafted HTTP request that contains Content-Length and Transfer-Encoding headers may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server. This issue occurs when the following condition is met: A virtual server...

AI score: 6.7
Exploits: 0

F5 Networks
added 2023/02/21 6:47 p.m. | 361 views

K48382137: Bootstrap vulnerability CVE-2018-14040

Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. CVE-2018-14040 Impact An attacker may exploit this vulnerability to perform a cross-site scripting XSS attack. Security Advisory Status F5 Product Development has assigned ID 767373...

CVSS: 6.1 | AI score: 6.6 | EPSS: 0.04135
Exploits: 1 | Affected Software: 15

F5 Networks
added 2023/02/21 6:46 p.m. | 360 views

K50455702: jQuery vulnerabilities CVE-2021-41182, CVE-2021-41183, and CVE-2021-41184

Security Advisory Description CVE-2021-41182 jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the altField option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.42847
Exploits: 4

F5 Networks
added 2023/02/21 7:50 p.m. | 354 views

K14609: OpenSSH vulnerability CVE-2008-5161

Security Advisory Description Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 a...

CVSS: 3.7 | AI score: 6.8 | EPSS: 0.15395
Exploits: 1 | Affected Software: 8

F5 Networks
added 2023/02/21 6:19 p.m. | 353 views

K25527955: SNMP vulnerability CVE-2002-0013

Security Advisory Description Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via 1 GetRequest, 2 GetNextRequest, and 3 SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 tes...

CVSS: 10 | AI score: 7 | EPSS: 0.50845
Exploits: 0 | Affected Software: 1

F5 Networks
added 2016/05/06 12:0 a.m. | 347 views

SOL93600123 - OpenSSL vulnerability CVE-2016-2107

2 IPsec is vulnerable only in phase 1 IKE racoon, if configured to use AES-CBC. Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be no...

CVSS: 5.9 | AI score: 1.1 | EPSS: 0.89058
Exploits: 6 | References: 7

F5 Networks
added 2023/02/21 6:35 p.m. | 337 views

K61529042: Log4j vulnerability CVE-2019-17571

Security Advisory Description Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This...

CVSS: 9.8 | AI score: 7.8 | EPSS: 0.6906
Exploits: 3

F5 Networks
added 2023/01/20 7:8 p.m. | 331 views

K44030142: OpenSSL vulnerabilities CVE-2022-3786 and CVE-2022-3602

Security Advisory Description CVE-2022-3786 A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an...

CVSS: 7.5 | AI score: 8.5 | EPSS: 0.91153
Exploits: 6

F5 Networks
added 2023/02/21 6:47 p.m. | 330 views

K02453220: jQuery vulnerability CVE-2020-11022

Security Advisory Description In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods i.e. .html, .append, and others may execute untrusted code. This problem is patched in jQuer...

CVSS: 6.9 | AI score: 6.7 | EPSS: 0.99019
Exploits: 7 | Affected Software: 13

F5 Networks
added 2023/02/21 6:27 p.m. | 328 views

K15325: OpenSSL vulnerability CVE-2014-0224

Security Advisory Description OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications,...

CVSS: 7.4 | AI score: 7.4 | EPSS: 0.95326
Exploits: 9 | Affected Software: 20

F5 Networks
added 2023/02/21 8:1 p.m. | 327 views

K15277: ICMP vulnerability CVE-1999-0524

Security Advisory Description ICMP information such as 1 netmask and 2 timestamp is allowed from arbitrary hosts. CVE-1999-0524 Impact This vulnerability allows unauthorized disclosure of information. Security Advisory Status To determine if your release is known to be vulnerable, the components ...

CVSS: 4 | AI score: 6.2 | EPSS: 0.31586
Exploits: 1 | Affected Software: 18

F5 Networks
added 2023/02/21 7:54 p.m. | 324 views

K01552024: Apache vulnerability CVE-2021-40438

Security Advisory Description A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. CVE-2021-40438 Impact A remote attacker can exploit this vulnerability by sending a specially...

CVSS: 9 | AI score: 7 | EPSS: 0.99999
Exploits: 5 | Affected Software: 2

F5 Networks
added 2023/02/21 7:57 p.m. | 313 views

K23173103: log4j vulnerability CVE-2017-5645

Security Advisory Description In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. CVE-2017-5645 Impact...

CVSS: 9.8 | AI score: 8.3 | EPSS: 0.8904
Exploits: 2

F5 Networks
added 2015/04/20 12:0 a.m. | 313 views

SOL16470 - Linux kernel vulnerability CVE-2002-0510

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

CVSS: 5 | AI score: 2.2 | EPSS: 0.02483
Exploits: 0 | References: 3

F5 Networks
added 2023/02/21 7:49 p.m. | 312 views

K15504: OpenSSH vulnerability CVE-2014-1692

Security Advisory Description The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecifie...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.04587
Exploits: 1

F5 Networks
added 2022/12/19 6:41 p.m. | 308 views

K34125394: Apache HTTPD vulnerability CVE-2017-3167

Security Advisory Description In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. CVE-2017-3167 Impact When this vulnerability is exploited, an...

CVSS: 9.8 | AI score: 8.8 | EPSS: 0.20231
Exploits: 0 | Affected Software: 16

F5 Networks
added 2016/11/28 12:0 a.m. | 305 views

SOL01587042 - BIG-IP SPDY and HTTP/2 profile vulnerability CVE-2016-7475

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVSS: 7.5 | AI score: 2.8 | EPSS: 0.01321
Exploits: 0 | References: 6

F5 Networks
added 2015/09/16 12:0 a.m. | 300 views

SOL17263 - OpenSSH vulnerabilities CVE-2015-6563 and CVE-2015-6564

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

CVSS: 6.9 | AI score: 1.3 | EPSS: 0.00604
Exploits: 0 | References: 4

F5 Networks
added 2023/02/21 7:26 p.m. | 299 views

K23022557: The BIG-IP system may respond with the NXDOMAIN status when it receives a DNS query of a certain type on a CNAME wide IP

Security Advisory Description The BIG-IP system may respond with the NXDOMAIN status when it receives a DNS query on a CNAME wide IP. This issue occurs when all of the following conditions are met: The BIG-IP system is configured with a CNAME wide IP. For example: test.example.com The BIG-IP syst...

CVSS: 5.3 | AI score: 6.1 | EPSS: 0.0158
Exploits: 1

F5 Networks
added 2016/12/01 12:0 a.m. | 299 views

SOL50116122 - Apache Tomcat vulnerability CVE-2016-6816

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVSS: 7.1 | AI score: 1.1 | EPSS: 0.39633
Exploits: 5 | References: 4

F5 Networks
added 2023/02/21 6:55 p.m. | 298 views

K24383845: Bootstrap vulnerability CVE-2019-8331

Security Advisory Description In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. CVE-2019-8331 Impact An attacker can inject a malicious script into a client browser. Additionally, an attacker can trick a user into running maliciou...

CVSS: 6.1 | AI score: 6.4 | EPSS: 0.1686
Exploits: 1 | Affected Software: 13

F5 Networks
added 2023/02/21 7:57 p.m. | 297 views

K29042031: Multiple Spring Framework vulnerabilities

Security Advisory Description On April 5th, 2018, three new vulnerabilities were published in the popular Java web framework called Spring. Details on these vulnerabilities and exploit code are not yet available, and mitigation details may change if and when the exploit code is available. You can...

CVSS: 9.8 | AI score: 8.8 | EPSS: 0.95649
Exploits: 15

F5 Networks
added 2016/11/21 12:0 a.m. | 293 views

SOL11307303 - OpenSSL vulnerability CVE-2016-8610

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVSS: 7.5 | AI score: 0.8 | EPSS: 0.39657
Exploits: 1 | References: 4

F5 Networks
added 2023/02/21 6:30 p.m. | 292 views

K13114: Apache Range header vulnerability - CVE-2011-3192

Security Advisory Description The byte-range filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial-of-service memory and CPU consumption using a Range header that expresses multiple overlapping ranges. When this vulnerabili...

CVSS: 7.8 | AI score: 8.3 | EPSS: 0.98945
Exploits: 17 | Affected Software: 12

F5 Networks
added 2024/03/26 6:53 p.m. | 287 views

K000139044: Apache httpd vulnerabilities CVE-2011-1176, CVE-2011-2688, CVE-2013-0942, CVE-2013-2765, and CVE-2013-4365

Security Advisory Description CVE-2011-1176 The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which...

CVSS: 7.5 | AI score: 9.1 | EPSS: 0.13719
Exploits: 4

F5 Networks
added 2023/02/21 6:27 p.m. | 287 views

K53280389: Apache HTTP server vulnerability CVE-2021-44790

Security Advisory Description A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache...

CVSS: 9.8 | AI score: 8.9 | EPSS: 0.97108
Exploits: 4

F5 Networks
added 2015/08/05 12:0 a.m. | 287 views

SOL16961 - TLS MAC error vulnerability

Vulnerability Recommended Actions None Acknowledgements F5 would like to acknowledge Yngve N. Pettersen of TLS Prober Labs for bringing this issue to our attention, and for following the highest standards of responsible disclosure. Supplemental Information SOL9970: Subscribing to email...

AI score: 3
Exploits: 0 | References: 5

F5 Networks
added 2014/05/15 12:0 a.m. | 286 views

SOL15261 - Apache Struts vulnerability CVE-2014-0112

Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

CVSS: 9.8 | AI score: 1.9 | EPSS: 0.99998
Exploits: 25 | References: 8

F5 Networks
added 2013/06/06 12:0 a.m. | 282 views

SOL14446 - OpenSSH vulnerability CVE-2012-0814

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

CVSS: 3.5 | AI score: 2.6 | EPSS: 0.03672
Exploits: 0 | References: 4

F5 Networks
added 2023/02/21 6:34 p.m. | 271 views

K70084351: Apache HTTPD vulnerability CVE-2017-9798

Security Advisory Description Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.94999
Exploits: 9

F5 Networks
added 2023/02/21 6:35 p.m. | 270 views

K23289753: Apache Struts vulnerability CVE-2017-9791

Security Advisory Description The Struts 1 plugin in Apache Struts 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. CVE-2017-9791 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Statu...

CVSS: 9.8 | AI score: 9 | EPSS: 0.98931
Exploits: 19

F5 Networks
added 2015/04/01 12:0 a.m. | 270 views

SOL16339 - Multiple PHP vulnerabilities CVE-2014-9425, CVE-2014-9426, CVE-2014-9427, CVE-2015-0231, and CVE-2015-0232

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

CVSS: 7.5 | AI score: 2.4 | EPSS: 0.53166
Exploits: 12 | References: 4

F5 Networks
added 2023/02/21 6:35 p.m. | 269 views

K11315080: OpenSSH vulnerability CVE-2018-20685

Security Advisory Description In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. CVE-2018-20685 Impact The OpenSSH...

CVSS: 5.3 | AI score: 7 | EPSS: 0.03681
Exploits: 0 | Affected Software: 17

F5 Networks
added 2015/08/14 12:0 a.m. | 268 views

SOL17113 - OpenSSH vulnerability CVE-2015-5600

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVSS: 8.5 | AI score: 1.4 | EPSS: 0.09302
Exploits: 1 | References: 8

F5 Networks
added 2023/02/21 6:52 p.m. | 266 views

K17241: Linux kernel vulnerability CVE-2014-9585

Security Advisory Description The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD...

CVSS: 2.1 | AI score: 6.3 | EPSS: 0.00557
Exploits: 1 | Affected Software: 15

F5 Networks
added 2023/02/21 6:34 p.m. | 266 views

K62031468: Linux Kernel vulnerability CVE-2019-19060, CVE-2019-19067, CVE-2019-19069, CVE-2019-19081, CVE-2019-19083

Security Advisory Description CVE-2019-19060 A memory leak in the adis_update_scan_mode function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service memory consumption, aka CID-ab612b1daf41. CVE-2019-19067 DISPUTED Four memory leaks in the...

CVSS: 7.8 | AI score: 6.1 | EPSS: 0.03755
Exploits: 0

F5 Networks
added 2023/02/21 6:59 p.m. | 265 views

K43312023: Grafana vulnerability CVE-2021-43798

Security Advisory Description Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 except for patched versions is vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: /public/plugins//, where is...

CVSS: 7.5 | AI score: 8.4 | EPSS: 0.88849
Exploits: 44

Total number of security vulnerabilities: 5000