K95503300: BIG-IP APM virtual server vulnerability CVE-2023-22418

Security Advisory Description An open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious attacker to build an open redirect URI. CVE-2023-22418 Impact An unauthenticated attacker can create an open...

K06345931: F5OS vulnerability CVE-2023-22657

Security Advisory Description Processing F5OS tenant file names may allow for command injection. CVE-2023-22657 Impact An attacker may trick an administrator to upload a file with a specially crafted file name that injects commands. Security Advisory Status F5 Product Development has assigned ID...

K56676554: BIG-IP HTTP/2 profile vulnerability CVE-2023-22664

Security Advisory Description When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2023-22664 Impact System performance can degrade until the Traffic Management Microkernel...

K37708118: BIG-IP DNS profile vulnerability CVE-2023-22839

Security Advisory Description When a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel TMM to terminate. CVE-2023-22839 Impact Traffic is disrupted while the T...

K24572686: BIG-IP Virtual Edition vulnerability CVE-2023-23555

Security Advisory Description When FastL4 profile is configured on a virtual server in BIG-IP Virtual Edition, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2023-23555 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a...

K34525368: BIG-IP SIP profile vulnerability CVE-2023-22340

Security Advisory Description When a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. CVE-2023-22340 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote unauthenticated attacker to cause ...

K000130415: iControl SOAP vulnerability CVE-2023-22374

Security Advisory Description A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to...

K83284425: iControl REST and tmsh vulnerability CVE-2023-22326

Security Advisory Description Incorrect permission assignment vulnerabilities exist in the iControl REST and TMOS shell tmsh dig command which may allow an authenticated attacker with resource administrator role privilege to view sensitive information. CVE-2023-22326 Impact An authenticated...

K17542533: BIG-IP Advanced WAF and ASM vulnerability CVE-2023-23552

Security Advisory Description When a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2023-23552 Impact System performance can degrade until the Traffic Management Microkernel TMM...

K07143733: BIG-IP Edge Client for Windows vulnerability CVE-2023-22283

Security Advisory Description A DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacker requires...

K20717585: BIG-IP APM OAuth vulnerability CVE-2023-22341

Security Advisory Description When the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel TMM to terminate: An OAuth Server that references an OAuth Provider An OAuth profile with the Authorization Endpoint set to '/'...

K46048342: BIG-IP AFM vulnerability CVE-2023-22281

Security Advisory Description When a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2023-22281 Impact Traffic is disrupted while the TMM process restarts. This...

K76964818: BIG-IP Edge Client for Windows vulnerability CVE-2023-22358

Security Advisory Description A DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. CVE-2023-22358 Impact An attacker may exploit this vulnerability to use malicious Dynamic Link Libraries DLL to gain privilege escalation on the client Windows system. The installer loa...

K08182564: BIG-IP SIP profile vulnerability CVE-2023-22842

Security Advisory Description When a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2023-22842 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote...

K000132352: OpenAM Vulnerability CVE-2023-22320

Security Advisory Description OpenAM Web Policy Agent OpenAM Consortium Edition provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerabilityCWE-22. Furthermore, a crafted URL may be evaluated incorrectly. CVE-2023-22320 Impact There is no impact; F5 products are...

K86488846: Sudo vulnerability CVE-2021-3156

Security Advisory Description Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. CVE-2021-3156 Impact A local attacker can exploit the vulnerability to escalate thei...

K000132333: Python vulnerability CVE-2019-9674

Security Advisory Description Lib/zipfile. py in Python through 3.7.2 allows remote attackers to cause a denial of service resource consumption via a ZIP bomb. CVE-2019-9674 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

K000132268: BIND vulnerability CVE-2022-3924

Security Advisory Description This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding...

K000132267: BIND vulnerability CVE-2022-3736

Security Advisory Description BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10,...

K000132266: BIND vulnerability CVE-2022-3094

Security Advisory Description Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of...

K000132263: OpenJDK vulnerability CVE-2023-21843

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Sound. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 a...

K000132245: libpng vulnerability CVE-2019-7317

Security Advisory Description pngimagefree in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because pngimagefreefunction is called under pngsafeexecute. CVE-2019-7317 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

K000130546: Gzip vulnerability CVE-2022-1271

Security Advisory Description An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs d...

K000132230: Java SE vulnerability CVE-2023-21835

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily...

K04305530: SCP vulnerability CVE-2020-15778

Security Advisory Description scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers"...

K21192332: Apache HTTP Server vulnerability CVE-2022-31813

Security Advisory Description Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. CVE-2022-31813 Impact An...

K52341555: Samba vulnerability CVE-2022-3592

Security Advisory Description A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix...

K83120834: Diffie-Hellman key agreement protocol weaknesses CVE-2002-20001 & CVE-2022-40735

Security Advisory Description The Diffie-Hellman Key Agreement Protocol allows remote attackers from the client side to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a DHEater attack. The client needs very...

K000132202: PyJWT vulnerability CVE-2017-11424

Security Advisory Description In PyJWT 1.5.0 and below the invalidstrings check in HMACAlgorithm.preparekey does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string -----BEGIN RSA PUBLIC KEY----- which is...

K000132174: Python Mailcap vulnerability CVE-2015-20107

Security Advisory Description In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lac...

K44030142: OpenSSL vulnerabilities CVE-2022-3786 and CVE-2022-3602

Security Advisory Description CVE-2022-3786 A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an...

K61903372: OpenSSL vulnerability CVE-2021-23839

Security Advisory Description OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support...

K14052032: OpenSSH vulnerability CVE-2018-15919

Security Advisory Description Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such...

K55879220: Overview of F5 vulnerabilities (May 2022)

Security Advisory Description On May 4, 2022, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated...

K52322100: Authenticated F5 BIG-IP Guided Configuration integrity check in Appliance mode vulnerability CVE-2022-25946

Security Advisory Description When running in Appliance mode, an authenticated attacker with Administrator role privileges may be able to bypass Appliance mode restrictions due to a missing integrity check in F5 BIG-IP Guided Configuration. CVE-2022-25946 Impact In Appliance mode, an authenticate...

K000130541: Grub2 vulnerability CVE-2022-28734

Security Advisory Description Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte...

K69940053: BIG-IP iRules vulnerability CVE-2022-41833

Security Advisory Description When an iRule containing the HTTP::collect command is configured on a virtual server, undisclosed requests can cause Traffic Management Microkernel TMM to terminate. CVE-2022-41833 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows ...

K000130545: Python-pip vulnerability CVE-2018-20225

Security Advisory Description DISPUTED An issue was discovered in pip all versions because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitati...

K000130533: libpng vulnerability CVE-2019-6129

Security Advisory Description DISPUTED pngcreateinfostruct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer." CVE-2019-6129 Impact There is no impact; F5 products are not affected by this...

K56412001: BIG-IP SSL OCSP Authentication profile vulnerability CVE-2023-22323

Security Advisory Description When OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. CVE-2023-22323 Impact System performance can degrade until the Traffic Management Microkernel TMM process is either forced to...

K58550078: BIG-IP HTTP profile vulnerability CVE-2023-22302

Security Advisory Description When an HTTP profile is configured on a virtual server and conditions beyond the attacker’s control exist on the target pool member, undisclosed requests sent to the BIG-IP system can cause the Traffic Management Microkernel TMM to terminate. CVE-2023-22302 Impact...

K13518: Multiple PHP vulnerabilities

Security Advisory Description The following PHP vulnerabilities require malicious user input in order to be exploited. For each item in the list, the affected command or component is not used by any F5 product, or its inputs are sanitized to prevent exploitation: CVE-2012-2376 CVE-2012-2311...

K13325942: Appliance mode iControl REST vulnerability CVE-2022-41800

Security Advisory Description When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary...

K000130512: SQLite vulnerability CVE-2022-35737

Security Advisory Description SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737 Impact An authenticated remote attacker can exploit this vulnerability by sending a specially crafted...

K000130509: Thunderbird vulnerability CVE-2021-43529

Security Advisory Description Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates wit...

K97843387: Overview of F5 vulnerabilities (November 2022)

Security Advisory Description On November 16, 2022, F5 announced the following issues. This document is intended to serve as an overview of these issues to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. Distributed Cloud and Manage...

K94221585: iControl SOAP vulnerability CVE-2022-41622

Security Advisory Description BIG-IP and BIG-IQ are vulnerable to cross-site request forgery CSRF attacks through iControl SOAP. CVE-2022-41622 Impact An attacker may trick users who have at least resource administrator role privilege and are authenticated through basic authentication in iControl...

K000130500: AMD processors vulnerability CVE-2022-23825

Security Advisory Description Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. CVE-2022-23825 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...

K85054496: BIG-IP DNS resolver vulnerability CVE-2022-28708

Security Advisory Description When a BIG-IP DNS resolver-enabled, HTTP-Explicit or SOCKS profile is configured on a virtual server, an undisclosed DNS response can cause the Traffic Management Microkernel TMM process to terminate. CVE-2022-28708 Impact Traffic is disrupted while the TMM process...

K17115: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2015-0405 Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA. CVE-2015-0423 Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remo...