Lucene search
K

6402 matches found

F5 Networks
F5 Networks
•added 2023/03/14 3:32 p.m.•41 views

K000132965: Apache vulnerability CVE-2023-27522

Security Advisory Description HTTP Response Smuggling vulnerability in Apache HTTP Server via modproxyuwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client. CVE-2023-27522...

7.5CVSS7.9AI score0.02134EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•41 views

K44340019: rpcbind use-after-free vulnerability CVE-2015-7236

Security Advisory Description Use-after-free vulnerability in xprtsetcaller in rpcbsvccom.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service daemon crash via crafted packets, involving a PMAPCALLIT code.CVE-2015-7236 Impact There is no impact; F5 products are not...

7.5CVSS7.5AI score0.06408EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•41 views

K30272432: RubyGems vulnerability CVE-2021-41817

Security Advisory Description Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS regular expression Denial of Service via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. CVE-2021-41817 Impact There is no impact; F5 products are not affected by this vulnerability...

7.5CVSS7.3AI score0.03222EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•41 views

K54229563: Python vulnerability CVE-2010-3492

Security Advisory Description The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier...

5CVSS7.2AI score0.03627EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•41 views

K15150: cURL and libcurl vulnerability CVE-2013-4545

Security Advisory Description cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification CURLOPTSSLVERIFYHOST when the digital signature verification CURLOPTSSLVERIFYPEER is disabled, which allows man-in-the-middle attackers to spo...

4.3CVSS5.6AI score0.03076EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•41 views

K79428827: BIG-IP APM OCSP vulnerability CVE-2021-23047

Security Advisory Description When BIG-IP APM performs Online Certificate Status Protocol OCSP verification of a certificate that contains Authority Information Access AIA, undisclosed requests may cause an increase in memory use. CVE-2021-23047 Impact This vulnerability allows a remote attacker ...

5.3CVSS5.6AI score0.00598EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•41 views

K04912972: NTP vulnerability CVE-2018-7185

Security Advisory Description The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service disruption by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim...

7.5CVSS7.2AI score0.09056EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•41 views

K44110411: BIG-IP SIP ALG vulnerability CVE-2022-23025

Security Advisory Description When a SIP ALG profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23025 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows an unauthenticated remot...

7.5CVSS7.5AI score0.00904EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•41 views

K02254805: InfiniBand vulnerability in the Linux kernel CVE-2016-4565

Security Advisory Description The InfiniBand aka IB stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a uAPI interface. CVE-2016-4565...

7.8CVSS6.7AI score0.00483EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•41 views

K89434121: Linux kernel vulnerability CVE-2017-12193

Security Advisory Description The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service NULL pointer dereference and panic via a crafted application, as demonstrated by the...

5.5CVSS5.6AI score0.00451EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•41 views

K63545041: Server component of Oracle MySQL vulnerabilities CVE-2017-3317, CVE-2017-3318, and CVE-2017-3319

Security Advisory Description CVE-2017-3317 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Logging. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker...

4CVSS5.4AI score0.01346EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•41 views

K73837233: Intel processors vulnerability CVE-2019-0117

Security Advisory Description Insufficient access control in protected memory subsystem for IntelR SGX for 6th, 7th, 8th, 9th Generation IntelR CoreTM Processor Families; IntelR XeonR Processor E3-1500 v5, v6 Families; IntelR XeonR E-2100 & E-2200 Processor Families with IntelR Processor Graphics...

4.4CVSS5.3AI score0.00415EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•41 views

K42433061: Intel processors vulnerability CVE-2019-11139

Security Advisory Description Improper conditions check in the voltage modulation interface for some IntelR XeonR Scalable Processors may allow a privileged user to potentially enable denial of service via local access. CVE-2019-11139 Impact There is no impact; F5 products are not affected by thi...

6CVSS6AI score0.00356EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:52 p.m.•41 views

K15566: Kerberos vulnerability CVE-2014-4345

Security Advisory Description Off-by-one error in the krb5encodekrbsecretkey function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause...

8.5CVSS7.5AI score0.08085EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:48 p.m.•41 views

K15236: ConfigSync IP Rsync full file system access vulnerability CVE-2014-2927

Security Advisory Description The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require...

9.3CVSS6.7AI score0.0792EPSS
Exploits5Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:46 p.m.•41 views

K9528: IPv6 Neighbor Discovery Protocol (NDP) vulnerability CVE-2008-2476 - VU#472363

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

9.3CVSS6.4AI score0.07425EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:41 p.m.•41 views

K48187630: Multiple grub2 vulnerabilities

Security Advisory Description CVE-2020-14308 In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity...

6.7CVSS7.6AI score0.01588EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:39 p.m.•41 views

K04972684: PHP vulnerability CVE-2016-3185

Security Advisory Description The makehttpsoaprequest function in ext/soap/phphttp.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service type confusion and...

7.1CVSS8AI score0.03146EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:38 p.m.•41 views

K23873366: OpenSSL vulnerability CVE-2016-2177

Security Advisory Description OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact by leveraging unexpected mallo...

9.8CVSS9.3AI score0.44505EPSS
Exploits1Affected Software25
F5 Networks
F5 Networks
•added 2023/02/21 7:26 p.m.•41 views

K84408873: Infinispan vulnerability CVE-2019-10174

Security Advisory Description A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new,...

8.8CVSS7.5AI score0.03089EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:25 p.m.•41 views

K16285: OpenSSL vulnerability CVE-2012-2110

Security Advisory Description The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service memory...

7.5CVSS8.9AI score0.48298EPSS
Exploits8Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:5 p.m.•41 views

K17254: NTP-keygen vulnerability CVE-2015-3405

Security Advisory Description flaw was found in the way the ntp-keygen utility generated MD5 symmetric keys on big-endian systems. An attacker could possibly use this flaw to guess generated MD5 keys, which could then be used to spoof an NTP client or server. CVE-2015-3405 - pending Impact There...

7.5CVSS7.6AI score0.05292EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•41 views

K20226900: F5 WebSafe Dashboard vulnerability CVE-2018-5545

Security Advisory Description A malicious, authenticated user can execute code on the F5 WebSafe Alert Server by using a maliciously crafted payload. CVE-2018-5545 Impact F5 WebSafe Alert Server An attacker with an authenticated account may be able to perform a malicious remote code execution on...

8.8CVSS9AI score0.02394EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•41 views

K36784855: Apache Tomcat vulnerability CVE-2016-0762

Security Advisory Description The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to...

5.9CVSS6.6AI score0.07991EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•41 views

K15317: Linux kernel vulnerability CVE-2014-0101

Security Advisory Description The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer...

7.8CVSS6AI score0.07045EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•41 views

K50112422: Linux kernel vulnerability CVE-2020-11884

Security Advisory Description In the Linux kernel through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enablesacfuaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. ...

7CVSS6.8AI score0.00397EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•41 views

K34360320: BIG-IP FastL4 vulnerability CVE-2022-23010

Security Advisory Description When a FastL4 profile and an HTTP profile are configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-23010 Impact System performance can degrade until the process is either forced to restart or is manually...

7.5CVSS7.5AI score0.00952EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•41 views

K16365: glibc vulnerability CVE-2014-9402

Security Advisory Description The nssdns implementation of getnetbyname in GNU C Library aka glibc before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service infinite loop by sending a positive answer while a network...

7.8CVSS8AI score0.07834EPSS
Exploits3Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•41 views

K21312421: Samba vulnerabilities CVE-2020-25718 and CVE-2021-23192

Security Advisory Description CVE-2020-25718 A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC read-only domain controller. This would allow an RODC to print administrator tickets. CVE-2021-23192 A flaw was found in the way samba implemented...

8.8CVSS7.2AI score0.01953EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•41 views

K54336216: SCP vulnerability CVE-2019-6679

Security Advisory Description The system does not properly enforce the access controls for the scp.whitelist and scp.blacklist files when paths are symbolic links symlinks. This allows authenticated users with Secure Copy SCP protocol access to overwrite certain configuration files that would...

3.6CVSS4.6AI score0.00308EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•41 views

K37301725: Linux kernel vulnerability CVE-2017-18270

Security Advisory Description In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service. CVE-2017-18270 Impact There is no impact; F5 products are not affected by this vulnerability. Security...

7.1CVSS6.6AI score0.00421EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•41 views

K17047: ICMP packet processing vulnerability CVE-2015-5058

Security Advisory Description Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5....

7.8CVSS6.7AI score0.01908EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•41 views

K34511555: BIG-IP and BIG-IQ AWS vulnerability CVE-2022-34844

Security Advisory Description When the Data Plane Development Kit DPDK/Elastic Network Adapter ENA driver is used with BIG-IP or BIG-IQ on Amazon Web Services AWS systems, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Successful exploitation relies on conditio...

7.5CVSS7AI score0.0064EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•41 views

K90233102: MySQL vulnerabilities CVE-2017-10294, CVE-2017-10296, CVE-2017-10311, CVE-2017-10313, and CVE-2017-10314

Security Advisory Description CVE-2017-10294 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with netwo...

4.9CVSS5.2AI score0.02805EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•41 views

K23200408: reposync vulnerability CVE-2018-10897

Security Advisory Description A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the...

9.3CVSS8.2AI score0.0571EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•41 views

K73370428: Linux kernel vulnerability CVE-2021-34866

Security Advisory Description This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific fla...

8.8CVSS8.3AI score0.00972EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•41 views

K70191975: Apache Xerces vulnerability CVE-2016-4463

Security Advisory Description Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. CVE-2016-4463 Impact An attacker requires privileged access to a dynamically generated XML file to exploit one of th...

7.5CVSS6.7AI score0.14138EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•41 views

K10522033: Intel CSME and TXE vulnerability CVE-2019-0098

Security Advisory Description Logic bug vulnerability in subsystem for IntelR CSME before version 12.0.35, IntelR TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2019-0098 Impact An attacker with physical access to...

7.2CVSS7.3AI score0.00472EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•41 views

K47429080: Ghostscript vulnerability CVE-2016-7976

Security Advisory Description The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams. CVE-2016-7976 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...

8.8CVSS9.4AI score0.23453EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•41 views

K26738102: BIG-IP APM SSO vulnerability CVE-2016-3687

Security Advisory Description Insufficient validation of the SSOORIGURI parameter occurs when using multi-domain single sign-on SSO. CVE-2016-3687 Impact An attacker may be able to tamper with the URL used to redirect the user in a multi-domain SSO environment by using BIG-IP APM. Systems that do...

5.3CVSS5.6AI score0.01209EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•41 views

K39508724: TMM SSL/TLS virtual server vulnerability CVE-2016-6907

Security Advisory Description TMM SSL/TLS virtual server using CBC cipher may be vulnerable to a "Vaudenay timing attack" aka 'Padding oracle attack.' CVE-2016-6907 The BIG-IP system may be vulnerable to a padding oracle attack on the following platforms: The VIPRION B4450 blade and BIG-IP 2000 a...

6.5AI score
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•42 views

K16396: GnuPG vulnerability CVE-2013-4576

Security Advisory Description GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryptio...

2.1CVSS6.8AI score0.00451EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•41 views

K53729441: MySQL vulnerability CVE-2016-2047

Security Advisory Description The sslverifyservercert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server...

5.9CVSS6.9AI score0.03741EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•41 views

K37830055: GnuTLS vulnerability CVE-2017-7507

Security Advisory Description GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. CVE-2017-7507 Impact An attacker may be able to exploit this...

7.5CVSS7.4AI score0.0341EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•41 views

K40977030: glibc vulnerability CVE-2020-6096

Security Advisory Description An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison...

8.1CVSS8.3AI score0.05223EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•41 views

K57108702: Apache Tika XML External Entity vulnerability CVE-2016-4434

Security Advisory Description Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity XXE attacks via vectors involving 1 spreadsheets in OOXML files and 2 XMP metadata in PDF and other file formats,...

7.8CVSS8AI score0.03449EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•41 views

K87355575: glibc vulnerability CVE-2017-12132

Security Advisory Description The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. CVE-2017-12132 Impact...

5.9CVSS7.6AI score0.01881EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•41 views

K18132488: Appliance mode TMUI authenticated remote command execution vulnerability CVE-2021-22987

Security Advisory Description When running in Appliance mode, the Traffic Management User Interface TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages. CVE-2021-22987 Note : For systems not running in Appliance mod...

9.9CVSS8.1AI score0.13672EPSS
Exploits1Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:45 p.m.•41 views

K16835: ICU overflow vulnerabilities CVE-2014-8146 and CVE-2014-8147

Security Advisory Description CVE-2014-8146 The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode ICU before 55.1 does not properly track directionally isolated pieces of text, which allows remot...

7.5CVSS8.5AI score0.2447EPSS
Exploits4Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•41 views

K40452417: BIG-IP ASM memory exhaustion vulnerability CVE-2019-6682

Security Advisory Description The BIG-IP ASM system may consume excessive resources when processing certain types of HTTP responses from the origin web server. This vulnerability is only known to affect resource-constrained systems in which the security policy is configured with response-side...

7.5CVSS7.5AI score0.01014EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000