Lucene search
6294 matches found

F5 Networks
•added 2023/02/21 7:49 p.m.•112 views

K15557: OpenSSH vulnerability CVE-2011-4327

Security Advisory Description ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call. CVE-2011-4327 Impact None. F5 products a...

CVSS 5.5, AI score 7.5, EPSS 0.00416
Exploits: 0
F5 Networks
•added 2023/02/21 6:54 p.m.•112 views

K55580033: iControl REST vulnerability CVE-2022-35728

Security Advisory Description An authenticated user's iControl REST token may remain valid for a limited time after logging out from the Configuration utility. CVE-2022-35728 Impact A remote unauthenticated attacker may be able to reuse, for a limited time, an authenticated user's iControl REST...

CVSS 9.8, AI score 9.2, EPSS 0.00575
Exploits: 0, Affected Software: 14
F5 Networks
•added 2023/02/21 6:50 p.m.•112 views

K98009539: PHP/PCRE vulnerability CVE-2016-1283

Security Advisory Description The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?R?R?RR?R\97?J?J?R?R\99|:?|?R\kR|?RHRRHR/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer...

CVSS 9.8, AI score 9, EPSS 0.07791
Exploits: 1
F5 Networks
•added 2023/02/21 6:47 p.m.•112 views

K30573026: BIG-IP virtual server with FastL4 profile vulnerability CVE-2022-23027

Security Advisory Description When a FastL4 profile and an HTTP, FIX, and/or hash persistence profile are configured on the same virtual server, undisclosed requests can cause the virtual server to stop processing new client connections. CVE-2022-23027 Impact Traffic is disrupted for new client...

CVSS 5.3, AI score 5.5, EPSS 0.00915
Exploits: 0, Affected Software: 13
F5 Networks
•added 2014/10/02 12:00 a.m.•112 views

SOL15640 - GNU C Library (glibc) vulnerabilities CVE-2014-0475, CVE-2014-5119, CVE-2013-4458

Most ARX components are based on GNU C library code. Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no...

CVSS 7.5, AI score 2.2, EPSS 0.18099
Exploits: 7, References: 5
F5 Networks
•added 2023/02/21 7:52 p.m.•111 views

K93135205: Apache Struts 2 vulnerability CVE-2016-4436

Security Advisory Description Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up. CVE-2016-4436 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status...

CVSS 9.8, AI score 9.4, EPSS 0.06779
Exploits: 0
F5 Networks
•added 2023/02/21 6:55 p.m.•111 views

K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388

Security Advisory Description Undisclosed requests may bypass iControl REST authentication. CVE-2022-1388 Impact This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system...

CVSS 9.8, AI score 9.9, EPSS 0.99956
Exploits: 63, Affected Software: 13
F5 Networks
•added 2023/02/21 7:57 p.m.•110 views

K13335141: Intel CPU vulnerability CVE-2022-21180

Security Advisory Description Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access. CVE-2022-21180 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...

CVSS 5.5, AI score 6.2, EPSS 0.0032
Exploits: 0
F5 Networks
•added 2023/02/21 7:54 p.m.•110 views

K13401920: Apache HTTPD vulnerability CVE-2021-36160

Security Advisory Description A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive. CVE-2021-36160 Impact A remote attacker, through a crafted request, can exploit t...

CVSS 7.5, AI score 7.8, EPSS 0.62887
Exploits: 0, Affected Software: 1
F5 Networks
•added 2023/02/21 6:53 p.m.•110 views

K37681312: PHP vulnerability CVE-2019-9020

Security Advisory Description An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_bu...

CVSS 9.8, AI score 7.4, EPSS 0.09793
Exploits: 1
F5 Networks
•added 2023/02/21 6:47 p.m.•110 views

K04665443: OpenSSH vulnerability CVE-2021-36368

Security Advisory Description DISPUTED An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cann...

CVSS 3.7, AI score 6.5, EPSS 0.01677
Exploits: 0
F5 Networks
•added 2023/02/21 6:34 p.m.•110 views

K52340447: F5 ePVA vulnerability CVE-2022-28705

Security Advisory Description On platforms with an ePVA and the pva.fwdaccel BigDB variable enabled, undisclosed requests to a virtual server with a FastL4 profile that has ePVA acceleration enabled can cause the Traffic Management Microkernel (TMM) process to terminate. CVE-2022-28705 Impact Traff...

CVSS 7.5, AI score 7.3, EPSS 0.0085
Exploits: 0, Affected Software: 13
F5 Networks
•added 2016/10/11 12:00 a.m.•110 views

SOL35799130 - Multiple PHP vulnerabilities

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

CVSS 9.8, AI score 2.3, EPSS 0.09844
Exploits: 16, References: 4
F5 Networks
•added 2016/05/03 12:00 a.m.•110 views

SOL07538415 - Multiple OpenSSL vulnerabilities

Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4918: Overview of the F5 critical issue hotfix policy...

CVSS 10, AI score 2.4, EPSS 0.89058
Exploits: 7, References: 3
F5 Networks
•added 2023/02/21 6:52 p.m.•109 views

K17457324: PHP vulnerability CVE-2020-7066

Security Advisory Description In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while using get_headers with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions...

CVSS 5.3, AI score 7.1, EPSS 0.02767
Exploits: 1
F5 Networks
•added 2023/02/21 6:48 p.m.•109 views

K40663742: OpenSSH vulnerability CVE-2004-1653

Security Advisory Description The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS. CVE-2004-1653 Impact There is no impact; F5 products are not...

CVSS 6.4, AI score 8, EPSS 0.11574
Exploits: 0
F5 Networks
•added 2023/02/21 6:19 p.m.•109 views

K07538415: Multiple OpenSSL vulnerabilities

Security Advisory Description On May 3, 2016, OpenSSL announced the discovery of the following vulnerabilities: CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 For the complete announcement from OpenSSL, refer to OpenSSL Security Advisory 3rd May 2016. Note :...

CVSS 10, AI score 7.9, EPSS 0.89058
Exploits: 7
F5 Networks
•added 2016/08/30 12:00 a.m.•109 views

SOL41103561 - libxml2 vulnerability CVE-2016-4448

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVSS 10, AI score 2.3, EPSS 0.07039
Exploits: 0, References: 4
F5 Networks
•added 2016/05/24 12:00 a.m.•109 views

SOL56138200 - PHP vulnerability CVE-2016-3078

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

CVSS 9.8, AI score 2.5, EPSS 0.57608
Exploits: 5, References: 4
F5 Networks
•added 2015/02/12 12:00 a.m.•109 views

SOL16128 - Microsoft Schannel vulnerability CVE-2014-6321

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

CVSS 10, AI score 1.3, EPSS 0.95988
Exploits: 1, References: 5
F5 Networks
•added 2023/02/21 7:56 p.m.•108 views

K64921482: Apache Tomcat vulnerability CVE-2018-11784

Security Advisory Description When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be...

CVSS 4.3, AI score 6.1, EPSS 0.94494
Exploits: 3, Affected Software: 1
F5 Networks
•added 2023/02/21 7:51 p.m.•108 views

K13519: Multiple PHP vulnerabilities

Security Advisory Description PHP has been cited with the following multiple vulnerabilities, which may be locally exploitable on some F5 products: CVE-2006-7243 PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access...

CVSS 10, AI score 10, EPSS 0.19139
Exploits: 8, Affected Software: 9
F5 Networks
•added 2023/02/21 6:59 p.m.•108 views

K19473898: Expat vulnerabilities CVE-2022-23852, CVE-2022-25235, CVE-2022-25236, and CVE-2022-25315

Security Advisory Description CVE-2022-23852 Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. CVE-2022-25235 xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for...

CVSS 9.8, AI score 8.3, EPSS 0.33936
Exploits: 1, Affected Software: 14
F5 Networks
•added 2023/02/21 6:53 p.m.•108 views

K24207649: GNU C Library (glibc) vulnerability CVE-2021-3999

Security Advisory Description A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this fla...

CVSS 7.8, AI score 8.1, EPSS 0.00726
Exploits: 1, Affected Software: 17
F5 Networks
•added 2023/02/21 6:34 p.m.•108 views

K50343021: Node-vm2 vulnerability CVE-2022-36067

Security Advisory Description vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. In versions prior to version 3.9.11, a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was...

CVSS 10, AI score 10, EPSS 0.47892
Exploits: 2
F5 Networks
•added 2023/01/31 6:56 p.m.•108 views

K86488846: Sudo vulnerability CVE-2021-3156

Security Advisory Description Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. CVE-2021-3156 Impact A local attacker can exploit the vulnerability to escalate thei...

CVSS 7.8, AI score 7.9, EPSS 0.99305
Exploits: 81, Affected Software: 1
F5 Networks
•added 2023/02/21 8:00 p.m.•107 views

K15850913: PHP vulnerability CVE-2016-6290

Security Advisory Description ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via...

CVSS 9.8, AI score 9.3, EPSS 0.0548
Exploits: 0, Affected Software: 7
F5 Networks
•added 2023/02/21 7:54 p.m.•107 views

K05121675: F5 TLS vulnerability CVE-2016-9244

Security Advisory Description A BIG-IP SSL virtual server with the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory, aka the Ticketbleed bug. CVE-2016-9244 Impact A BIG-IP virtual server configured with a Client SSL profile that has the non-default Sessio...

CVSS 7.5, AI score 7.6, EPSS 0.73273
Exploits: 6, Affected Software: 9
F5 Networks
•added 2023/02/21 7:34 p.m.•107 views

K14161: OpenSSH vulnerability CVE-2007-4752

Security Advisory Description When OpenSSH prior to version 4.7 fails to generate an untrusted cookie, it falls back to create a trusted X11 authentication cookie instead. As a result, attackers may be able to launch an unauthorized forwarded X11 session through SSH. Impact None. F5 products do n...

AI score 8
Exploits: 0
F5 Networks
•added 2023/02/21 6:59 p.m.•107 views

K20451100: Apache vulnerability CVE-2022-22721

Security Advisory Description If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. CVE-2022-22721 Impact There is no...

CVSS 9.1, AI score 8.7, EPSS 0.41861
Exploits: 0
F5 Networks
•added 2023/02/21 6:59 p.m.•107 views

K87922456: NTP vulnerability CVE-2016-9310

Security Advisory Description The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet. CVE-2016-9310 Impact In default configurations, F5 products are not vulnerable. If you remove the default restrict...

CVSS 6.5, AI score 6.5, EPSS 0.11162
Exploits: 1, Affected Software: 22
F5 Networks
•added 2023/02/21 6:35 p.m.•107 views

K48281956: NFSv2/3 kernel vulnerability CVE-2017-7645

Security Advisory Description The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c. CVE-2017-7645 Impact There i...

CVSS 7.8, AI score 6.1, EPSS 0.05794
Exploits: 0
F5 Networks
•added 2023/02/21 8:00 p.m.•106 views

K10631153: Apache Solr vulnerability CVE-2017-12629

Security Advisory Description Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to...

CVSS 9.8, AI score 9, EPSS 0.91896
Exploits: 11
F5 Networks
•added 2023/02/21 7:56 p.m.•106 views

K13559191: Linux kernel vulnerability CVE-2022-25636

Security Advisory Description net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. CVE-2022-25636 Impact BIG-IP, BIG-IQ Centralized Management, BIG-IP SPK, F5OS-A, and...

CVSS 7.8, AI score 7.6, EPSS 0.02633
Exploits: 6
F5 Networks
•added 2023/02/21 7:40 p.m.•106 views

K15498: Multiple PHP vulnerabilities

Security Advisory Description CVE-2014-3981 acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. CVE-2014-4049 Heap-based buffer overflow in the php_parserr function...

CVSS 7.5, AI score 8.5, EPSS 0.30128
Exploits: 5
F5 Networks
•added 2016/10/07 12:00 a.m.•106 views

SOL98009539 - PHP/PCRE vulnerability CVE-2016-1283

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

CVSS 9.8, AI score 2.7, EPSS 0.07791
Exploits: 1, References: 4
F5 Networks
•added 2023/02/21 8:00 p.m.•105 views

K17113: OpenSSH vulnerability CVE-2015-5600

Security Advisory Description The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a...

CVSS 8.5, AI score 6.7, EPSS 0.09302
Exploits: 1, Affected Software: 21
F5 Networks
•added 2023/02/21 6:54 p.m.•105 views

K73217235: pppd vulnerability CVE-2020-8597

Security Advisory Description eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. CVE-2020-8597 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...

CVSS 9.8, AI score 9.1, EPSS 0.19582
Exploits: 3
F5 Networks
•added 2023/02/21 6:54 p.m.•105 views

K59904248: iControl SOAP vulnerability CVE-2022-29474

Security Advisory Description A directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker with at least guest role privileges to read wsdl files in the BIG-IP file system. CVE-2022-29474 Impact An authenticated attacker with at least guest role privileges may...

CVSS 4.3, AI score 4.6, EPSS 0.01438
Exploits: 0, Affected Software: 13
F5 Networks
•added 2023/02/21 6:33 p.m.•105 views

K21548854: zlib vulnerability CVE-2018-25032

Security Advisory Description zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. CVE-2018-25032 Impact This vulnerability results in corrupted output, which leads to out-of-bound access, corrupting the memory and potentially...

CVSS 7.5, AI score 7.2, EPSS 0.51733
Exploits: 1, Affected Software: 17
F5 Networks
•added 2015/09/23 12:00 a.m.•105 views

SOL17313 - PHP vulnerability CVE-2014-4721

The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process...

CVSS 2.6, AI score 7.2, EPSS 0.0571
Exploits: 1, References: 4
F5 Networks
•added 2013/09/19 12:00 a.m.•105 views

SOL14712 - The BIG-IP APM access policy logout page may be vulnerable to XSS cookie tampering

Recommended action To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. To mitigate this vulnerability, you can modify the logout web page to null the specific code identified at issue. To do so, perform the...

AI score 7.3
Exploits: 0, References: 5, Affected Software: 1
F5 Networks
•added 2023/02/21 7:57 p.m.•104 views

K40582331: Apache HTTP server vulnerability CVE-2022-28615

Security Advisory Description Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or...

CVSS 9.1, AI score 8.8, EPSS 0.0569
Exploits: 0, Affected Software: 14
F5 Networks
•added 2023/02/21 7:53 p.m.•104 views

K73926196: PHPMailer vulnerability CVE-2016-10045

Security Advisory Description The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in...

CVSS 9.8, AI score 8.4, EPSS 0.98038
Exploits: 19, Affected Software: 3
F5 Networks
•added 2023/02/21 7:45 p.m.•104 views

K15273: Apache vulnerability CVE-2012-0053

Security Advisory Description protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long o...

CVSS 4.3, AI score 6.8, EPSS 0.82756
Exploits: 4, Affected Software: 13
F5 Networks
•added 2023/02/21 6:53 p.m.•104 views

K04831884: MySQL vulnerabilities CVE-2019-2800, CVE-2019-2801, CVE-2019-2802, CVE-2019-2803, and CVE-2019-2805

Security Advisory Description CVE-2019-2800 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...

CVSS 7.1, AI score 5.7, EPSS 0.0377
Exploits: 0
F5 Networks
•added 2023/02/21 6:52 p.m.•104 views

K15254040: Linux kernel vulnerability CVE-2018-1130

Security Advisory Description Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in the dccp_write_xmit function in net/dccp/output.c that allows a local user to cause a denial of service by a number of certain crafted system calls. CVE-2018-1130 Impact There is no...

CVSS 5.5, AI score 6.2, EPSS 0.00495
Exploits: 0
F5 Networks
•added 2023/02/21 6:33 p.m.•104 views

K67175700: Apache vulnerabilities CVE-2020-9490, CVE-2020-11984, CVE-2020-11993

Security Advisory Description CVE-2020-9490 Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via...

CVSS 9.8, AI score 6.5, EPSS 0.90485
Exploits: 4
F5 Networks
•added 2023/02/21 6:20 p.m.•104 views

K56138200: PHP vulnerability CVE-2016-3078

Security Advisory Description Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2)...

CVSS 9.8, AI score 9.8, EPSS 0.57608
Exploits: 5
F5 Networks
•added 2023/02/21 6:10 p.m.•104 views

K5857: Client certificate check vulnerability in Apache - CVE-2005-2700

Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information on F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to K4602:...

AI score 6.5
Exploits: 0
Total number of security vulnerabilities: 5000