6294 matches found

F5 Networks
Added 2023/02/21 7:1 p.m. • 10 views

K22493037: The BIG-IP ASM system sends a received XML request with sensitive payload to the ICAP server

Security Advisory Description: The BIG-IP ASM system sends a received XML request with sensitive payload to the Internet Content Adaptation Protocol (ICAP) server for inspection, regardless of any other settings. This issue occurs when all of the following conditions are met: The affected security...

AI score 6.5
Exploits: 0
F5 Networks
Added 2023/02/21 7:1 p.m. • 32 views

K27205552: NGINX Controller vulnerability CVE-2020-5864

Security Advisory Description: Communication between NGINX Controller and NGINX Plus instances skip TLS verification by default. CVE-2020-5864. Impact: This vulnerability enables a man-in-the-middle (MITM) attack that can intercept the communication channel and read/modify data in transit. Security...

CVSS 7.4 • AI score 7.2 • EPSS 0.01033
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:1 p.m. • 47 views

K16819: Linux kernel vulnerability CVE-2015-3331

Security Advisory Description: The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow an...

CVSS 9.3 • AI score 7.5 • EPSS 0.10027
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:1 p.m. • 39 views

K16821: Apache Axis vulnerability CVE-2014-3596

Security Advisory Description: The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers v...

CVSS 5.8 • AI score 7.3 • EPSS 0.05806
Exploits: 0 • Affected Software: 18
F5 Networks
Added 2023/02/21 7:1 p.m. • 31 views

K04160444: Intel CPU vulnerability CVE-2020-0592

Security Advisory Description: Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. CVE-2020-0592. Impact: There is no impact; F5 products are not affected by this...

CVSS 6.7 • AI score 6.8 • EPSS 0.00343
Exploits: 0
F5 Networks
Added 2023/02/21 7:1 p.m. • 22 views

K00091341: TMOS Shell privilege escalation vulnerability CVE-2020-5907

Security Advisory Description: An authorized user provided with access only to the TMOS Shell (tmsh) may be able to conduct arbitrary file read/writes via the built-in sftp functionality. CVE-2020-5907. Impact: A malicious actor who has gained access to a restricted account with tmsh access for exampl...

CVSS 7.2 • AI score 7.3 • EPSS 0.01431
Exploits: 0 • Affected Software: 11
F5 Networks
Added 2023/02/21 7:1 p.m. • 23 views

K7854: Web Applications Content Processing Scripts vulnerability

Security Advisory Description: Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

AI score 6.6
Exploits: 0
F5 Networks
Added 2023/02/21 7:1 p.m. • 10 views

K02705117: The BIG-IP ASM system may fail to properly mask the value of a configured sensitive parameter in the request event log

Security Advisory Description: When you configure a sensitive parameter for a security policy, the BIG-IP ASM system may fail to properly mask the value in the request log. This issue occurs when all of the following conditions are met: You enabled the Cross-Site Request Forgery (CSRF) Protection...

AI score 6.6
Exploits: 0
F5 Networks
Added 2023/02/21 7:1 p.m. • 29 views

K16970: TLS Finish Message vulnerability

Security Advisory Description: The BIG-IP system does not verify every byte in the Finished message of a TLS handshake. Impact: There is no impact; F5 does not consider this behavior a vulnerability. Security Advisory Status: F5 Product Development has assigned ID 530963 to this issue, and has...

AI score 6.7
Exploits: 0
F5 Networks
Added 2023/02/21 7:1 p.m. • 66 views

K26555255: Multiple Java vulnerabilities CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830

Security Advisory Description: CVE-2020-2781: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated...

CVSS 8.3 • AI score 7 • EPSS 0.0623
Exploits: 0
F5 Networks
Added 2023/02/21 7:1 p.m. • 27 views

K26583415: MQTT vulnerability CVE-2018-15323

Security Advisory Description: In certain circumstances, when processing traffic through a Virtual Server with an associated MQTT profile, the TMM process may produce a core file and take the configured HA action. CVE-2018-15323. Impact: This vulnerability allows remote attackers to cause a...

CVSS 5.9 • AI score 6 • EPSS 0.01086
Exploits: 0 • Affected Software: 10
F5 Networks
Added 2023/02/21 7:0 p.m. • 731 views

K16967: XSS vulnerability in jQuery CVE-2011-4969

Security Advisory Description: Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag. CVE-2011-4969. Impact: There is no impact; F5 products are not affected by this...

CVSS 4.3 • AI score 6.8 • EPSS 0.19191
Exploits: 1
F5 Networks
Added 2023/02/21 7:0 p.m. • 35 views

K16940: Multiple Wireshark vulnerabilities

Security Advisory Description: CVE-2014-6423: The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line. CVE-2014-6425: The 1...

CVSS 5 • AI score 7.6 • EPSS 0.03409
Exploits: 0 • Affected Software: 18
F5 Networks
Added 2023/02/21 7:0 p.m. • 22 views

K6737: SHMAT vulnerabilities CVE-2004-0114

Security Advisory Description: Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

CVSS 4.6 • AI score 6.6 • EPSS 0.00724
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 75 views

K6736: OpenSSH vulnerabilities CAN-2006-5051, CAN-2006-4924

Security Advisory Description: Note: For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note: Versions that are not listed in this article have not been evaluated for...

CVSS 9.3 • AI score 7.3 • EPSS 0.44099
Exploits: 8
F5 Networks
Added 2023/02/21 7:0 p.m. • 31 views

K15482: Linux kernel vulnerability CVE-2014-4943

Security Advisory Description: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. CVE-2014-4943. Impact: None. No F5 products are affected by this...

CVSS 6.9 • AI score 6.3 • EPSS 0.02103
Exploits: 6
F5 Networks
Added 2023/02/21 7:0 p.m. • 28 views

K15480: PHP vulnerability CVE-2012-2688

Security Advisory Description: Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow." CVE-2012-2688. Impact: None. F5 products are not...

CVSS 10 • AI score 9.3 • EPSS 0.10467
Exploits: 1
F5 Networks
Added 2023/02/21 7:0 p.m. • 20 views

K15481: BIND vulnerability CVE-2012-1033

Security Advisory Description: The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost...

CVSS 5 • AI score 6.8 • EPSS 0.13538
Exploits: 1 • Affected Software: 11
F5 Networks
Added 2023/02/21 7:0 p.m. • 18 views

K83093212: The BIG-IP ASM system may stop enforcing attack signatures after applying a security policy that includes a new signature

Security Advisory Description: This issue occurs when all of the following conditions are met: Your BIG-IP ASM system is running versions 12.1.2 through 12.1.3.6. You configure multiple security policies on the BIG-IP ASM system. One of the security policies includes a new attack signature not...

AI score 6.7
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 67 views

K14613: BIND vulnerability CVE-2013-4854

Security Advisory Description: The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial-of-service (DoS) through a query with a...

CVSS 7.8 • AI score 6.6 • EPSS 0.3415
Exploits: 1 • Affected Software: 13
F5 Networks
Added 2023/02/21 7:0 p.m. • 63 views

K8171: Linux kernel IA32 System Call vulnerability - CVE-2007-4573

Security Advisory Description: Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

CVSS 7.2 • AI score 6 • EPSS 0.0082
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 23 views

K08383757: perl-XML-Twig vulnerability CVE-2016-9180

Security Advisory Description: perl-XML-Twig: The option to expand_external_ents, documented as controlling external entity expansion in XML::Twig does not work. External entities are always expanded, regardless of the option's setting. CVE-2016-9180. Impact: An authenticated user with a BIG-IP ASM...

CVSS 9.1 • AI score 8.8 • EPSS 0.03542
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:0 p.m. • 15 views

K14046: FirePass input validation vulnerability

Security Advisory Description: F5 FirePass SSL VPN contains an input validation vulnerability that may allow a remote attacker to compromise the FirePass controller. Impact: An attacker may be able to exploit the vulnerability and retrieve arbitrary files, perform Denial of Service attacks, or...

AI score 7.3
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 29 views

K10631282: Flip Feng Shui (FFS) vulnerability

Security Advisory Description: Flip Feng Shui (FFS) is a new exploitation vector that allows an attacker to induce bit flips over arbitrary physical memory in a fully controlled way. FFS relies on the following underlying primitives: The ability to induce bit flips in controlled but not predetermined...

AI score 6.5
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 58 views

K55354030: OpenJDK vulnerabilities CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-2432

Security Advisory Description: CVE-2021-2341: Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0...

CVSS 7.5 • AI score 5.6 • EPSS 0.04238
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 28 views

K64124988: TMM IPv6 stack vulnerability CVE-2022-29479

Security Advisory Description: When an IPv6 self IP address is configured and the ipv6.strictcompliance database key is enabled (disabled by default) on a BIG-IP system, undisclosed packets may cause decreased performance. CVE-2022-29479. Impact: This vulnerability allows an unauthenticated attacker to...

CVSS 5.3 • AI score 5.7 • EPSS 0.00836
Exploits: 0 • Affected Software: 14
F5 Networks
Added 2023/02/21 7:0 p.m. • 14 views

K7529: Stack-based buffer overflow vulnerability in ActiveX control

Security Advisory Description: Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...

AI score 7.4
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 36 views

K54431371: BIG-IP APM client for Linux and macOS vulnerability CVE-2018-5546

Security Advisory Description: The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. CVE-2018-5546. Impact: A...

CVSS 7.8 • AI score 7.4 • EPSS 0.00453
Exploits: 1 • Affected Software: 2
F5 Networks
Added 2023/02/21 7:0 p.m. • 41 views

K35981055: glibc vulnerability CVE-2018-11237

Security Advisory Description: An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. CVE-2018-11237. Impact: There is no impact; F5...

CVSS 7.8 • AI score 7.8 • EPSS 0.00858
Exploits: 3
F5 Networks
Added 2023/02/21 7:0 p.m. • 37 views

K37111863: NodeJS vulnerability CVE-2018-12120

Security Advisory Description: Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the...

CVSS 8.1 • AI score 8 • EPSS 0.04277
Exploits: 0 • Affected Software: 14
F5 Networks
Added 2023/02/21 7:0 p.m. • 22 views

K59209532: NGINX Controller NATS vulnerability CVE-2020-5910

Security Advisory Description: The Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized. CVE-2020-5910. Impact: A malicious user with access to the host where NGINX...

CVSS 7.5 • AI score 7.5 • EPSS 0.01154
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:0 p.m. • 26 views

K64855220: F5 TMUI and iControl Rest vulnerability CVE-2019-6634

Security Advisory Description: High volume of malformed analytics report requests leads to instability in restjavad process. This causes issues with both iControl REST and some portions of TMUI. The attack requires an authenticated user with any role. CVE-2019-6634. Note: The No Access user role is...

CVSS 6.5 • AI score 6.6 • EPSS 0.01448
Exploits: 0 • Affected Software: 13
F5 Networks
Added 2023/02/21 7:0 p.m. • 33 views

K65292036: Linux kernel vulnerability CVE-2019-15791

Security Advisory Description: In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl...

CVSS 7.8 • AI score 7.5 • EPSS 0.01317
Exploits: 1
F5 Networks
Added 2023/02/21 7:0 p.m. • 40 views

K04320238: MySQL vulnerabilities CVE-2018-3276, CVE-2018-3277, CVE-2018-3278, CVE-2018-3279, and CVE-2018-3280

Security Advisory Description: CVE-2018-3276: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attack...

CVSS 4.9 • AI score 6 • EPSS 0.03558
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 103 views

K51975973: Eclipse Jetty vulnerability CVE-2021-34428

Security Advisory Description: For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can...

CVSS 3.6 • AI score 6.5 • EPSS 0.00963
Exploits: 1 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:0 p.m. • 22 views

K84084843: NGINX Controller installer vulnerability CVE-2020-5911

Security Advisory Description: The NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL on Debian/Ubuntu system. CVE-2020-5911. Impact: A man-in-the-middle (MITM) attacker can use this vulnerability to intercept the insecure HTTP channel and convincingly forge...

CVSS 7.5 • AI score 7.4 • EPSS 0.01006
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:0 p.m. • 73 views

K28464509: PHP vulnerability CVE-2018-7584

Security Advisory Description: In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in...

CVSS 9.8 • AI score 8 • EPSS 0.87883
Exploits: 3
F5 Networks
Added 2023/02/21 7:0 p.m. • 41 views

K75952001: QEMU vulnerability CVE-2019-15890

Security Advisory Description: libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. CVE-2019-15890. Impact: There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status: F5 Product Development has evaluated the currently supported...

CVSS 7.5 • AI score 7 • EPSS 0.04027
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 51 views

K92052341: Linux kernel vulnerability CVE-2021-29266

Security Advisory Description: An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba0. CVE-2021-29266. Impact: There is no impact; F5 products are not...

CVSS 7.8 • AI score 6.3 • EPSS 0.00318
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 27 views

K34514540: TMM vulnerability CVE-2017-6138

Security Advisory Description: Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "normalize URI" configuration options used in iRules...

CVSS 7.5 • AI score 7.5 • EPSS 0.01585
Exploits: 0 • Affected Software: 11
F5 Networks
Added 2023/02/21 7:0 p.m. • 34 views

K47605350: MySQL vulnerability CVE-2016-5631

Security Advisory Description: Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached. CVE-2016-5631. Impact: There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

CVSS 4.9 • AI score 5.5 • EPSS 0.02471
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 28 views

K49436091: MySQL vulnerabilities CVE-2018-2668, CVE-2018-2696, and CVE-2018-2703

Security Advisory Description: CVE-2018-2668: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacke...

CVSS 7.8 • AI score 7.3 • EPSS 0.04606
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 20 views

K30255576: MySQL vulnerability CVE-2016-5507

Security Advisory Description: Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. CVE-2016-5507. Impact: There is no impact; F5 products are not affected by this vulnerability...

CVSS 6.8 • AI score 6.3 • EPSS 0.02726
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 32 views

K35408374: BIG-IP compression driver vulnerability CVE-2021-23044

Security Advisory Description: When the Intel QuickAssist Technology (QAT) compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition (VE) platforms, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2021-23044. Impact: Traffic is disrupted whi...

CVSS 7.5 • AI score 7.4 • EPSS 0.00904
Exploits: 0 • Affected Software: 13
F5 Networks
Added 2023/02/21 7:0 p.m. • 24 views

K50212906: MySQL vulnerability CVE-2016-8290

Security Advisory Description: Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633. CVE-2016-8290. Impact: There is no impact; F5 products are...

CVSS 4.4 • AI score 4.5 • EPSS 0.01746
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 33 views

K36228121: BIG-IP DHCPv6 vulnerability CVE-2019-6643

Security Advisory Description: An attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the Traffic Management Microkernel (TMM) process to produce a core file. CVE-2019-6643. Impact: This vulnerability may allow an...

CVSS 7.5 • AI score 7.3 • EPSS 0.01348
Exploits: 0 • Affected Software: 13
F5 Networks
Added 2023/02/21 7:0 p.m. • 91 views

K73008537: Apache Tomcat vulnerability CVE-2018-1336

Security Advisory Description: An improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86...

CVSS 7.5 • AI score 8.6 • EPSS 0.20599
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 32 views

K13201415: MySQL vulnerability CVE-2016-5616

Security Advisory Description: Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: MyISAM. CVE-2016-5616. Impact: There is no impact; F5...

AI score 6.2
Exploits: 16
F5 Networks
Added 2023/02/21 7:0 p.m. • 36 views

K20226900: F5 WebSafe Dashboard vulnerability CVE-2018-5545

Security Advisory Description: A malicious, authenticated user can execute code on the F5 WebSafe Alert Server by using a maliciously crafted payload. CVE-2018-5545. Impact: F5 WebSafe Alert Server: An attacker with an authenticated account may be able to perform a malicious remote code execution on...

CVSS 8.8 • AI score 9 • EPSS 0.02394
Exploits: 0
F5 Networks
Added 2023/02/21 7:0 p.m. • 47 views

K67644055: PHP vulnerability CVE-2016-5772

Security Advisory Description: Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via...

CVSS 9.8 • AI score 8.3 • EPSS 0.09752
Exploits: 1
Total number of security vulnerabilities: 6294