6392 matches found
K04572666: systemd vulnerability CVE-2020-13776
Security Advisory Description systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete...
K32157421: MySQL vulnerability CVE-2016-3495
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. CVE-2016-3495 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Stat...
K54358225: BIG-IP APM Portal Access vulnerability CVE-2017-0301
Security Advisory Description In F5 BIG-IP APM software versions 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 and 12.1.2 BIG-IP APM portal access requests do not return the intended resources in some cases. This may allow access to internal BIG-IP APM resources,...
K51182024: libxml2 2.7.8 vulnerability CVE-2010-4494
Security Advisory Description Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling...
K63163637: BIG-IP TMUI vulnerability CVE-2021-23043
Security Advisory Description A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files. CVE-2021-23043 Impact An authenticated attacker may exploit this vulnerability by sending a crafted request to the...
K64343470: Linux kernel vulnerability CVE-2017-6874
Security Advisory Description Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service use-after-free and system crash or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that cause...
K23205024: MySQL Server Optimizer vulnerability CVE-2022-21438
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...
K16861: BIG-IQ remote authentication vulnerability CVE-2015-4637
Security Advisory Description When remote authentication is configured on the BIG-IQ system for a LDAP server that allows anonymous BIND operations, a unauthenticated user may obtain an authentication token from the REST API for any known or guessed LDAP user account and will receive all the acce...
K33211839: TMM vulnerability CVE-2018-5500
Security Advisory Description Every Multipath TCP MCTCP connection established leaks a small amount of memory. Virtual server using TCP profile with Multipath TCP MCTCP feature enabled will be affected by this issue. CVE-2018-5500 Impact Over a period of time, the memory leak may lead to memory...
K04712583: Linux kernel vulnerability CVE-2021-40490
Security Advisory Description A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. CVE-2021-40490 Impact An attacker may be able to access shared resources by way of untrusted code sequences. Security Advisory...
K09208133: CUPS Vulnerabilities CVE-2018-4180, CVE-2018-4181
Security Advisory Description CVE-2018-4180 In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. CVE-2018-4181 In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access...
K44553214: Web application firewall vulnerability CVE-2021-23050
Security Advisory Description When a cross-site request forgery CSRF-enabled policy is configured on a virtual server, an undisclosed HTML response may cause the bd process to terminate. CVE-2021-23050 Impact Traffic is disrupted until the bd process restarts. This vulnerability allows a remote...
K90305959: Intel processor diagnostic tool vulnerability CVE-2019-11133
Security Advisory Description Improper access control in the IntelR Processor Diagnostic Tool before version 4.1.2.24 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access. CVE-2019-11133 Impact There is no...
K26455071: BIG-IP HSB vulnerability CVE-2019-6604
Security Advisory Description Under certain conditions, hardware systems with a High-Speed Bridge HSB using non-default Layer 2 forwarding configurations may experience a lockup of the HSB. CVE-2019-6604 This vulnerability occurs when all of the following conditions are met: A VLAN group is...
K61757346: BIG-IP Azure cloud vulnerability CVE-2017-6131
Security Advisory Description In some circumstances, a BIG-IP Azure cloud instance may contain a default administrative password which can be used to remotely log in to the BIG-IP system. The affected administrative account is the Azure instance administrative user created at deployment. The root...
K10930474: TMM vulnerability CVE-2017-6155
Security Advisory Description Malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure. CVE-2017-6155 Impact An attacker may be able to disrupt traff...
K94552980: Intel product vulnerabilities CVE-2020-0550 and CVE-2020-0551
Security Advisory Description CVE-2020-0550 Improper data forwarding in some data cache for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. The list of affected products is provided in intel-sa-00330:...
K20281756: Libgcrypt vulnerability CVE-2017-7526
Security Advisory Description libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately mo...
K01002228: Linux kernel vulnerability CVE-2020-11725
Security Advisory Description DISPUTED sndctlelemadd in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info-owner line, which later affects a privatesizecount multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it cou...
K00025388: BIG-IP TMM AWS vulnerability CVE-2020-5856
Security Advisory Description While processing specifically crafted traffic using the default 'xnet' driver, BIG-IP Virtual Edition VE instances hosted in Amazon Web Services AWS may experience a Traffic Management Microkernel TMM restart. CVE-2020-5856 Impact A remote attacker may be able to...
K24311131: MySQL vulnerability CVE-2016-3492
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. CVE-2016-3492 Impact There is no impact; F5 products are not...
K00265182: Custom monitor privilege escalation vulnerability CVE-2016-5020
Security Advisory Description F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification EAV monitor script. CVE-2016-5020 Impact An...
K13028514: NGINX Controller webserver vulnerability CVE-2020-5894
Security Advisory Description The NGINX Controller webserver does not invalidate the server-side session token after users log out. CVE-2020-5894 Impact An attacker that successfully extracted a valid session token can use it before it expires on the server-side, even if the valid user has logged...
K37683194: Poppler vulnerability CVE-2018-13988
Security Advisory Description Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim...
K62750376: RADIUS authentication vulnerability CVE-2018-5515
Security Advisory Description Using RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event. CVE-2018-5515 Impact BIG-IP When a BIG-IP system receives a RADIUS authentication response from a IPv6 RADIUS server, the affected syst...
K17201: Apache HTTP server vulnerability CVE-2008-0455
Security Advisory Description Cross-site scripting XSS vulnerability in the modnegotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitra...
K16877: libuser vulnerability CVE-2011-0002
Security Advisory Description Description libuser before 0.57 uses a cleartext password value of 1 !! or 2 x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values. CVE-2011-0002 Impact None. F5 products are not affected by this...
K21230183: NTP vulnerability CVE-2015-7976
Security Advisory Description The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename. CVE-2015-7976 Impact A remote user who uses the ntp...
K17159: PAM vulnerability CVE-2009-2410
Security Advisory Description The localhandlercallback function in server/responder/pam/pamLOCALdomain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in...
K17170: Java vulnerability CVE-2015-4736
Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2015-4736 Impact There is no impact; F5 products are not affected by this...
K53183580: TMM FastL4 vulnerability CVE-2019-6680
Security Advisory Description While processing traffic through a standard virtual server that targets a FastL4 virtual server VIP on VIP, hardware appliances may stop responding. CVE-2019-6680 Impact This vulnerability allows remote attackers to cause a denial of service DoS on the BIG-IP system...
K03244804: XML vulnerability CVE-2017-9233
Security Advisory Description XML External Entity vulnerability in libexpat 2.2.0 and earlier Expat XML Parser Library allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD. CVE-2017-9233 Impact BIG-IP Administrative interfaces,...
K51324410: SAMBA vulnerabilities CVE-2015-7560 and CVE-2016-0771
Security Advisory Description CVE-2015-7560 The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then usin...
K75136237: Privilege escalation vulnerability CVE-2015-7393
Security Advisory Description dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0...
K14132811: Java vulnerability CVE-2015-4893
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911. CVE-2015-4893...
K000132492: SQLite vulnerability CVE-2022-46908
Security Advisory Description SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908 Impact There is no impact; F5 produc...
K000132245: libpng vulnerability CVE-2019-7317
Security Advisory Description pngimagefree in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because pngimagefreefunction is called under pngsafeexecute. CVE-2019-7317 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
K32196386: Linux kernel vulnerability CVE-2019-19447
Security Advisory Description In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4putsuper in fs/ext4/super.c, related to dumporphanlist in fs/ext4/super.c. CVE-2019-19447 Impact There is no impact; F...
K000130240: Intel BIOS vulnerability CVE-2022-26006
Security Advisory Description Improper input validation in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-26006 Impact A local attacker logged in as a privileged user can exploit the vulnerability t...
SOL58243048 - Considerations for transferring files from F5 devices
Vulnerability Description The BIG-IP system uses Secure Vault, a secure SSL-encrypted storage system, to securely store sensitive data such as SSL key passphrases, users, and administrator and services passwords. However, files transferred from an F5 device may contain sensitive information such ...
SOL02026963 - LibTIFF vulnerability CVE-2016-3632
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL10133477 - BIG-IP IPsec IKE peer listener vulnerability CVE-2016-5736
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL12401251 - BIG-IP file validation vulnerability CVE-2015-8022
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL00265182 - Custom monitor privilege escalation vulnerability CVE-2016-5020
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL35424631 - OpenSSH vulnerability CVE-2016-1907
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL34250741 - BIND vulnerability CVE-2015-8000
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17330 - GnuTLS vulnerability CVE-2015-3308
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17267 - XSS vulnerability in Apache CVE-2002-0840
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL17174 - OpenJDK vulnerability CVE-2015-4733
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16939 - Multiple Wireshark vulnerabilities
CVE-2014-6421 Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service application crash via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors. CVE-2014-6422 The SDP dissector ...