Lucene search
K

6392 matches found

F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•32 views

K14712: The BIG-IP APM access policy logout page may be vulnerable to XSS cookie tampering CVE-2013-5976

Security Advisory Description Description The BIG-IP APM access policy logout page may be vulnerable to cross-site scripting XSS. Impact XSS protection in the BIG-IP APM access policy logout page may be insufficient. Security Advisory Status F5 Product Development tracked this vulnerability as ID...

6.2AI score
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•32 views

K59145983: Intel CSME and SPS vulnerability CVE-2019-0090

Security Advisory Description Insufficient access control vulnerability in subsystem for IntelR CSME before version 12.0.35, IntelR SPS before version SPSE305.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2019-0090 Impact Traffix...

7.1CVSS8.6AI score0.00362EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•32 views

K40625021: BIG-IP APM portal access vulnerability CVE-2018-15310

Security Advisory Description A vulnerability in BIG-IP APM portal access discloses the BIG-IP software version in rewritten pages. CVE-2018-15310 Impact The BIG-IP version may be exposed to users with valid BIG-IP APM portal access sessions. Security Advisory Status F5 Product Development has...

4.3CVSS4.8AI score0.00873EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•32 views

K05052081: NodeJS vulnerability CVE-2015-8854

Security Advisory Description The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service CPU consumption via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service ReDoS." CVE-2015-885...

7.8CVSS6.3AI score0.04334EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•32 views

K16352404: BIG-IQ DCD vulnerability CVE-2021-22996

Security Advisory Description When set up for auto failover, a BIG-IQ Data Collection Device DCD cluster member that receives an undisclosed message may cause the corosync process to abort. This behavior may lead to a denial-of-service DoS and impact the stability of a BIG-IQ high availability HA...

7.5CVSS7.4AI score0.00973EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•32 views

K15310332: BIG-IP APM open redirect vulnerability CVE-2020-27729

Security Advisory Description An undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI. CVE-2020-27729 Impact An attacker can create a URL with a specially crafted value and trick BIG-IP APM users into visiting the link. Victims may be redirected ...

6.1CVSS6.2AI score0.00634EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•32 views

K77215791: Linux kernel vulnerability CVE-2017-7277

Security Advisory Description The TCP stack in the Linux kernel through 4.10.6 mishandles the SCMTIMESTAMPINGOPTSTATS feature, which allows local users to obtain sensitive information from the kernels internal socket data structures or cause a denial of service out-of-bounds read via crafted syst...

7.1CVSS6.5AI score0.00391EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•32 views

K02138183: BIND vulnerability CVE-2016-9147

Security Advisory Description named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a response containing an inconsistency among the DNSSEC-related RRsets. CVE-2016-9147 Impact When the BIND...

7.5CVSS7.6AI score0.24602EPSS
Exploits0Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•32 views

K16781: Linux kernel vulnerability CVE-2014-3535

Security Advisory Description Description include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdevprintk and its related logging implementation, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash by sending...

7.8CVSS7.8AI score0.0415EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•32 views

K15939: pl_tree.php XSS vulnerability CVE-2014-9342

Security Advisory Description Cross-site scripting XSS vulnerability in the tree view pltree.php feature in Application Security Manager ASM in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTML by accessing a crafted URL during automatic policy generation...

4.3CVSS5.8AI score0.02117EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•32 views

K15931: Unbound vulnerability CVE-2014-8602

Security Advisory Description iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service memory and CPU consumption via a large or infinite number of referrals. CVE-2014-8602 Impact An attacker with a properly...

4.3CVSS6.5AI score0.25205EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:49 p.m.•32 views

K45611803: TMM vulnerability CVE-2018-5530

Security Advisory Description F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb". CVE-2018-5530 Impact HPACK bombs are designed to consume an abnormal amount of memory resources on a target system, which can...

7.5CVSS7.5AI score0.01782EPSS
Exploits0Affected Software9
F5 Networks
F5 Networks
•added 2023/02/21 7:41 p.m.•32 views

K77508618: Multiple Oracle MySQL vulnerabilities

Security Advisory Description CVE-2016-0502 Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. CVE-2016-0505 Unspecified vulnerability in Oracle MySQL 5.5.46 and...

7.2CVSS7.5AI score0.07505EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:41 p.m.•32 views

K17563: Apache Struts vulnerability CVE-2015-2992

Security Advisory Description Arbitrary script can be executed when JSP files are exposed to be accessed directly. Affected versions are Struts 2.0.0 - 2.3.16.3. CVE-2015-2992 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

6.1CVSS7AI score0.05618EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:40 p.m.•32 views

K8920: Linux kernel vulnerability CVE-2007-2876

Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...

6.1CVSS6.3AI score0.01395EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:39 p.m.•32 views

K06223540: F5 TCP vulnerability CVE-2015-8240

Security Advisory Description The Traffic Management Microkernel TMM in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options,...

7.5CVSS7.5AI score0.01765EPSS
Exploits0Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 7:34 p.m.•32 views

K14154: SQL injection vulnerability from an authenticated source CVE-2012-3000

Security Advisory Description An SQL injection vulnerability exists in a BIG-IP component. This local vulnerability may allow an authenticated attacker to download arbitrary files from the file system. Impact An attacker may be able to exploit the vulnerability and retrieve arbitrary files or...

7.2AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:33 p.m.•32 views

K15928: Network Time Protocol vulnerability CVE-2009-1252

Security Advisory Description Stack-based buffer overflow in the cryptorecv function in ntpcrypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field...

6.8CVSS7.3AI score0.21123EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:32 p.m.•32 views

K5794: Security Advisory: Perl integer sign error in format string processing - CVE-2005-3962

Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to K4602:...

4.6CVSS9.6AI score0.01374EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 7:31 p.m.•32 views

K15343: OpenSSL vulnerability CVE-2014-0221

Security Advisory Description The dtls1getmessagefragment function in d1both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service recursion and client crash via a DTLS hello message in an invalid DTLS handshake. CVE-2014-02...

4.3CVSS6.8AI score0.87892EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 7:30 p.m.•32 views

K17057: QEMU vulnerabilities CVE-2015-3214, CVE-2015-5154, and CVE-2015-5158

Security Advisory Description CVE-2015-3214 An out-of-bounds memory access flaw, leading to memory corruption or possibly an information leak, was found in QEMU's pitioportread function. A privileged guest user in a QEMU guest, which had QEMU PIT emulation enabled, could potentially, in rare case...

7.2CVSS8.2AI score0.01594EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:29 p.m.•32 views

K15642: Samba vulnerability CVE-2013-4476

Security Advisory Description Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local...

1.2CVSS6.9AI score0.00435EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:28 p.m.•32 views

K15461: OpenSSL vulnerability CVE-2011-4619

Security Advisory Description The Server Gated Cryptography SGC implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service CPU consumption via unspecified vectors. CVE-2011-4619 Impact This...

5CVSS8.5AI score0.16645EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 7:28 p.m.•32 views

K15160: GnuTLS vulnerability CVE-2014-0092

Security Advisory Description lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. CVE-2014-0092 Impact...

5.8CVSS6.6AI score0.29958EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:26 p.m.•32 views

K05295501: libssh vulnerability CVE-2020-1730

Security Advisory Description A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when...

5.3CVSS6.4AI score0.03065EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:25 p.m.•32 views

K17444: libXfont vulnerabilities CVE-2015-1802, CVE-2015-1803, and CVE-2015-1804

Security Advisory Description CVE-2015-1802 The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service out-of-bounds write and crash or possibly execute arbitrary code via a 1 negative or ...

8.5CVSS6.4AI score0.04923EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:25 p.m.•32 views

K89941125: mod_auth_openidc vulnerability CVE-2021-20718

Security Advisory Description modauthopenidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service DoS condition via unspecified vectors. CVE-2021-20718 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development ha...

7.5CVSS7.5AI score0.03395EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:8 p.m.•32 views

K15300: Apache HTTP Server mod_dav DoS vulnerability CVE-2013-6438

Security Advisory Description The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE...

5CVSS7.2AI score0.26831EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:6 p.m.•32 views

K23520761: BIG-IP ASM and BIG-IP AFM/BIG-IP Analytics vulnerability CVE-2018-5505

Security Advisory Description On F5 BIG-IP 13.1.0 - 13.1.0.3, when ASM and one or more of these modules AFM/AVR are provisioned, the Traffic Management Microkernel TMM may restart while processing DNS requests when the virtual server is configured with a DNS profile and the Protocol setting is se...

5.9CVSS6.1AI score0.02126EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/02/21 7:6 p.m.•32 views

K36361684: Apache Thrift vulnerability CVE-2018-1320

Security Advisory Description Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled i...

7.5CVSS7.2AI score0.08188EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•32 views

K09092524: Binutils vulnerability CVE-2019-9074

Security Advisory Description An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfdgetl32 in libbfd.c, when called from pex64getruntimefunction in pei-x8664.c. CVE-2019-9074 Impact...

5.5CVSS7.4AI score0.01569EPSS
Exploits1Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•32 views

K02884135: Binutils vulnerability CVE-2019-9071

Security Advisory Description An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in dcounttemplatesscopes in cp-demangle.c after many recursive calls. CVE-2019-9071 Impact There is no impact; F5 products are not affected by this...

5.5CVSS6AI score0.01813EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•32 views

K42142782: Linux kernel vulnerability CVE-2017-15121

Security Advisory Description A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary. CVE-2017-15121 Impact An attacker can exploit this vulnerability to cause a denial of...

5.5CVSS6.6AI score0.00398EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•32 views

K10751325: TMM vulnerability CVE-2021-23011

Security Advisory Description When the BIG-IP system is buffering packet fragments for reassembly, the Traffic Management Microkernel TMM may consume an excessive amount of resources, eventually leading to a restart and failover event. CVE-2021-23011 Impact BIG-IP The Traffic Management Microkern...

7.5CVSS7.4AI score0.00961EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•32 views

K31424926: BIG-IP APM XSS vulnerability CVE-2019-6595

Security Advisory Description Cross-site scripting XSS vulnerability in F5 BIG-IP Access Policy Manager APM 11.5.x and 11.6.x Admin Web UI. CVE-2019-6595 Impact A remote attacker may be able to access the BIG-IP APM logon page and inject arbitrary web script or HTML to launch a cross-site scripti...

6.1CVSS6AI score0.00923EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•32 views

K61002104: BIG-IP AFM and PEM TMUI XSS vulnerability CVE-2019-6639

Security Advisory Description Undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting XSS issue. This is a control plane issue only and is not accessible from the data plane. The attack requires a malicious resource administrator to store the...

4.8CVSS5.1AI score0.00677EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•32 views

K11464209: IP Intelligence Feed List vulnerability CVE-2017-6143

Security Advisory Description X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server’s identity is not properly validated in certain versions of BIG-IP. CVE-2017-6143 Impact Affected BIG-IP...

5.8CVSS5.6AI score0.00427EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•32 views

K21042153: XSS vulnerability in undisclosed TMUI page CVE-2018-15313

Security Advisory Description A reflected Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the current logged-in user. CVE-2018-15313 Impact BIG-IP A remote unauthenticated...

6.1CVSS6.2AI score0.01413EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•32 views

K19361245: BIG-IP TMM vulnerability CVE-2017-6158

Security Advisory Description The Traffic Management Microkernel TMM has a vulnerability related to the handling of invalid IP addresses. CVE-2017-6158 This issue is exposed only when all of the following conditions are met: You have disabled the Auto Last Hop setting at the Virtual Server, VLAN,...

6.5CVSS6.4AI score0.01119EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•32 views

K06014092: E2fsprogs vulnerabilities CVE-2019-5094 and CVE-2019-5188

Security Advisory Description CVE-2019-5094 An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to...

7.5CVSS7.3AI score0.01105EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•32 views

K17663061: BIG-IP SSL state mirroring vulnerability CVE-2020-5885

Security Advisory Description BIG-IP systems set up for connection mirroring in a high availability HA pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring...

9.1CVSS8.7AI score0.00809EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•32 views

K65720640: BIG-IP SSL state mirroring vulnerability CVE-2020-5886

Security Advisory Description BIG-IP systems setup for connection mirroring in a High Availability HA pair transfers sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring...

9.1CVSS8.8AI score0.00809EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•32 views

K65615624: BIG-IP FastL4 TMM vulnerability CVE-2017-6166

Security Advisory Description In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel TMM may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server...

5.9CVSS6.1AI score0.01928EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•33 views

K71265658: Intel CSME vulnerability CVE-2019-0153

Security Advisory Description Buffer overflow in subsystem in IntelR CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access. CVE-2019-0153 Impact An attacker can exploit this vulnerability with Converged Security and Manageme...

9.8CVSS9.8AI score0.01864EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•32 views

K13275: PHP vulnerability CVE-2009-3293

Security Advisory Description Unspecified vulnerability in the imagecolortransparent function in PHP prior to version 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index." CVE-2009-3293 Impact None Security Advisory Status F5 Product Development...

7.5CVSS6.6AI score0.0269EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•32 views

K58192514: NSS vulnerability CVE-2017-7805

Security Advisory Description During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new...

7.5CVSS8.1AI score0.03153EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•32 views

K04572666: systemd vulnerability CVE-2020-13776

Security Advisory Description systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete...

6.7CVSS6.2AI score0.00464EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•32 views

K32157421: MySQL vulnerability CVE-2016-3495

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. CVE-2016-3495 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Stat...

6.8CVSS4.5AI score0.02703EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•32 views

K54358225: BIG-IP APM Portal Access vulnerability CVE-2017-0301

Security Advisory Description In F5 BIG-IP APM software versions 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 and 12.1.2 BIG-IP APM portal access requests do not return the intended resources in some cases. This may allow access to internal BIG-IP APM resources,...

7.6CVSS7.7AI score0.00535EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•32 views

K63163637: BIG-IP TMUI vulnerability CVE-2021-23043

Security Advisory Description A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files. CVE-2021-23043 Impact An authenticated attacker may exploit this vulnerability by sending a crafted request to the...

6.5CVSS6.4AI score0.01994EPSS
Exploits0Affected Software13
Total number of security vulnerabilities5000