6294 matches found

F5 Networks
added 2023/02/21 6:53 p.m. • 25 views

K42933418: BIG-IP PingAccess vulnerability CVE-2020-27723

Security Advisory Description A BIG-IP APM virtual server processing PingAccess requests may lead to a restart of the Traffic Management Microkernel (TMM) process. CVE-2020-27723 Impact Traffic processing on the BIG-IP system is disrupted while TMM restarts, leading to a failover event in a high...

7.5 CVSS • 7.4 AI score • 0.01031 EPSS
Exploits 0 • Affected Software 1
F5 Networks
added 2023/02/21 6:53 p.m. • 82 views

K50233772: HTTP/2 Settings Flood vulnerability CVE-2019-9515

Security Advisory Description Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty...

7.8 CVSS • 8.1 AI score • 0.87806 EPSS
Exploits 0 • Affected Software 1
F5 Networks
added 2023/02/21 6:53 p.m. • 51 views

K63525058: cURL vulnerability CVE-2020-8284

Security Advisory Description A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doin...

4.3 CVSS • 6.6 AI score • 0.03851 EPSS
Exploits 0 • Affected Software 17
F5 Networks
added 2023/02/21 6:53 p.m. • 43 views

K61620494: TMUI vulnerability CVE-2018-15329

Security Advisory Description When authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. CVE-2018-15329 Impact This vulnerability may allow...

7.2 CVSS • 6.9 AI score • 0.01178 EPSS
Exploits 0 • Affected Software 14
F5 Networks
added 2023/02/21 6:53 p.m. • 36 views

K43084130: BIND vulnerability CVE-2018-5735

Security Advisory Description The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other...

7.5 CVSS • 7 AI score • 0.01386 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 60 views

K41283800: INTEL-SA-00233 Microarchitectural Data Sampling Advisory

Security Advisory Description Multiple vulnerabilities in Intel processors have been mentioned in several sources and are referred to collectively as INTEL-SA-00233 Microarchitectural Data Sampling Advisory. F5 is aware of these vulnerabilities and is investigating as information becomes availabl...

5.9 CVSS • 6.8 AI score • 0.01566 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 69 views

K41309988: FreeIPA vulnerability CVE-2016-5404

Security Advisory Description The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. CVE-2016-5404 Impact There is no impact; F5 product...

6.5 CVSS • 6.1 AI score • 0.02585 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 43 views

K41454238: Apache mod_auth_openidc vulnerabilities CVE-2021-32785 CVE-2021-32786 CVE-2021-32792

Security Advisory Description CVE-2021-32785 mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configur...

7.5 CVSS • 6.5 AI score • 0.02624 EPSS
Exploits 1
F5 Networks
added 2023/02/21 6:53 p.m. • 39 views

K66171422: BIG-IP APM redirect vulnerability CVE-2018-5548

Security Advisory Description An insecure AES ECB mode is used for orig_uri parameter in an undisclosed /vdesk link of APM virtual server configured with an access profile, allowing a malicious user to build a redirect URI value using different blocks of cipher texts. CVE-2018-5548 Impact An...

6.1 CVSS • 6.2 AI score • 0.01445 EPSS
Exploits 1 • Affected Software 1
F5 Networks
added 2023/02/21 6:53 p.m. • 34 views

K73122539: Java vulnerability CVE-2018-2790

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacke...

3.1 CVSS • 3.3 AI score • 0.05095 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 64 views

K52308021: GNU C Library (glibc) vulnerabilities CVE-2022-23218 and CVE-2022-23219

Security Advisory Description CVE-2022-23218 The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a...

9.8 CVSS • 8.6 AI score • 0.0469 EPSS
Exploits 2 • Affected Software 2
F5 Networks
added 2023/02/21 6:53 p.m. • 128 views

K34551175: PHP vulnerability CVE-2017-9224

Security Advisory Description An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at during regular expression searching. A logical error involving order of validation and access in...

9.8 CVSS • 7.2 AI score • 0.0654 EPSS
Exploits 1
F5 Networks
added 2023/02/21 6:53 p.m. • 40 views

K39272405: OpenSSL vulnerability CVE-2016-7052

Security Advisory Description crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation. CVE-2016-7052 Impact There is no impact; F5 products are not affected by this vulnerability...

7.5 CVSS • 7.8 AI score • 0.30435 EPSS
Exploits 1
F5 Networks
added 2023/02/21 6:53 p.m. • 38 views

K39508724: TMM SSL/TLS virtual server vulnerability CVE-2016-6907

Security Advisory Description TMM SSL/TLS virtual server using CBC cipher may be vulnerable to a "Vaudenay timing attack" aka 'Padding oracle attack.' CVE-2016-6907 The BIG-IP system may be vulnerable to a padding oracle attack on the following platforms: The VIPRION B4450 blade and BIG-IP 2000 a...

6.5 AI score
Exploits 0 • Affected Software 14
F5 Networks
added 2023/02/21 6:53 p.m. • 22 views

K55812535: BIG-IP MRF Diameter vulnerability CVE-2019-6686

Security Advisory Description The Traffic Management Microkernel (TMM) might stop responding after the total number of diameter connections and pending messages on a single virtual server has reached 32K. CVE-2019-6686 Impact BIG-IP This vulnerability affects only virtual servers associated with th...

5.3 CVSS • 5.4 AI score • 0.01027 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 55 views

K39712275: PHP vulnerability CVE-2016-7414

Security Advisory Description The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified...

9.8 CVSS • 9 AI score • 0.06898 EPSS
Exploits 1
F5 Networks
added 2023/02/21 6:53 p.m. • 42 views

K10027302: Libsoup vulnerability CVE-2018-12910

Security Advisory Description The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. CVE-2018-12910 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

9.8 CVSS • 7.6 AI score • 0.04188 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 70 views

K34303485: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) CVE-2019-11091

Security Advisory Description Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11091...

5.6 CVSS • 7.3 AI score • 0.00612 EPSS
Exploits 0 • Affected Software 17
F5 Networks
added 2023/02/21 6:53 p.m. • 33 views

K52167636: TMM vulnerability CVE-2017-6153

Security Advisory Description Features in the BIG-IP system that utilize inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "Zip Bomb" attack. CVE-2017-6153 Impact BIG-IP systems deployed in Forward Proxy mode with the...

5.3 CVSS • 5.6 AI score • 0.01719 EPSS
Exploits 0 • Affected Software 13
F5 Networks
added 2023/02/21 6:53 p.m. • 248 views

K31323265: OpenSSL vulnerability CVE-2022-0778

Security Advisory Description The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit...

7.5 CVSS • 6.9 AI score • 0.70561 EPSS
Exploits 2 • Affected Software 17
F5 Networks
added 2023/02/21 6:53 p.m. • 75 views

K82200103: Apache mod_http2 vulnerability CVE-2019-10082

Security Advisory Description In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. CVE-2019-10082 Impact There is no impact; F5 products are not affected by this vulnerability...

9.1 CVSS • 6.5 AI score • 0.16549 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 34 views

K36984830: Gdk-pixbuf vulnerability CVE-2017-2862

Security Advisory Description An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this...

8.8 CVSS • 8.7 AI score • 0.04599 EPSS
Exploits 3 • Affected Software 1
F5 Networks
added 2023/02/21 6:53 p.m. • 75 views

K52370164: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12126

Security Advisory Description Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2018-12126 Impact MDS...

5.6 CVSS • 7.1 AI score • 0.0151 EPSS
Exploits 0 • Affected Software 17
F5 Networks
added 2023/02/21 6:53 p.m. • 87 views

K49419538: libxml2 vulnerability CVE-2016-4658

Security Advisory Description xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denia...

10 CVSS • 7.9 AI score • 0.08628 EPSS
Exploits 0 • Affected Software 4
F5 Networks
added 2023/02/21 6:53 p.m. • 41 views

K70938105: Expat XML library vulnerability CVE-2016-5300

Security Advisory Description The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete...

7.8 CVSS • 7.2 AI score • 0.06539 EPSS
Exploits 0 • Affected Software 21
F5 Networks
added 2023/02/21 6:53 p.m. • 55 views

K62789814: Quagga bgpd vulnerabilities CVE-2018-5378, CVE-2018-5379, CVE-2018-5380, and CVE-2018-5381

Security Advisory Description CVE-2018-5378 The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash...

9.8 CVSS • 7.8 AI score • 0.7444 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 30 views

K26351280: HTTP proxy client implementations vulnerability VU#905344

Security Advisory Description HTTP CONNECT requests and 407 Proxy Authentication Required messages are not integrity protected and are susceptible to man-in-the-middle attacks. WebKit-based applications are additionally vulnerable to arbitrary HTML markup and JavaScript execution in the context o...

6.8 AI score
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 65 views

K48523069: System Security Services Daemon vulnerability CVE-2015-5292

Security Advisory Description Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that...

6.8 CVSS • 7.1 AI score • 0.03666 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 67 views

K46859523: Multiple Java vulnerabilities

Security Advisory Description CVE-2022-21618 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily...

5.3 CVSS • 4.2 AI score • 0.02376 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 103 views

K46011592: HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518

Security Advisory Description Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or...

7.8 CVSS • 7.9 AI score • 0.24822 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 35 views

K17075474: glibc vulnerability CVE-2016-4429

Security Advisory Description Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. CVE-2016-442...

5.9 CVSS • 7.6 AI score • 0.03954 EPSS
Exploits 0 • Affected Software 25
F5 Networks
added 2023/02/21 6:53 p.m. • 20 views

K20222812: BIG-IP Configuration utility vulnerability CVE-2018-15327

Security Advisory Description When authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. CVE-2018-15327 Impact BIG-IP and Enterprise Manager This...

7.2 CVSS • 7.2 AI score • 0.01178 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 50 views

K19240391: Apache Tomcat vulnerability CVE-2020-11996

Security Advisory Description A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections,...

7.5 CVSS • 8.5 AI score • 0.26699 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 181 views

K45474286: Apache Struts Freemarker Remote Code Execution vulnerability CVE-2017-12611

Security Advisory Description In Apache Struts 2.0.1 through 2.3.33 and 2.5 through 2.5.10, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack. CVE-2017-12611 Impact There is no impact; F5 products are not affected by this vulnerability...

9.8 CVSS • 9.6 AI score • 0.8802 EPSS
Exploits 6
F5 Networks
added 2023/02/21 6:53 p.m. • 38 views

K17341495: Traffix SDC Configuration utility vulnerability CVE-2022-27880

Security Advisory Description A stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2022-27880 Impact An authenticated attacker may...

4.8 CVSS • 4.7 AI score • 0.00442 EPSS
Exploits 0 • Affected Software 1
F5 Networks
added 2023/02/21 6:53 p.m. • 108 views

K24207649: GNU C Library (glibc) vulnerability CVE-2021-3999

Security Advisory Description A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this fla...

7.8 CVSS • 8.1 AI score • 0.00726 EPSS
Exploits 1 • Affected Software 17
F5 Networks
added 2023/02/21 6:53 p.m. • 136 views

K94828628: Apache mod_proxy HTTP/2 vulnerability CVE-2021-33193

Security Advisory Description A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48. CVE-2021-33193 Impact There is no impact; F5 products are not...

7.5 CVSS • 6.3 AI score • 0.46179 EPSS
Exploits 1
F5 Networks
added 2023/02/21 6:53 p.m. • 32 views

K96924184: BIG-IP HTTP profile vulnerability CVE-2022-23022

Security Advisory Description When an HTTP profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2022-23022 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote, unauthenticated...

7.5 CVSS • 7.4 AI score • 0.0092 EPSS
Exploits 0 • Affected Software 13
F5 Networks
added 2023/02/21 6:53 p.m. • 29 views

K92307453: MySQL Server Replication vulnerabilities CVE-2017-3647 and CVE-2017-3649

Security Advisory Description CVE-2017-3647 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with...

4.4 CVSS • 4.6 AI score • 0.02697 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:53 p.m. • 36 views

K53931245: BIG-IP SSL profile vulnerability CVE-2018-5524

Security Advisory Description Under certain conditions, virtual servers configured with Client SSL or Server SSL profiles that make use of network hardware security module (HSM) functionality are exposed and impacted by this issue. CVE-2018-5524 Impact Malformed Transport Layer Security (TLS) request...

5.3 CVSS • 5.4 AI score • 0.01719 EPSS
Exploits 0 • Affected Software 11
F5 Networks
added 2023/02/21 6:53 p.m. • 125 views

K48050136: OpenSSH client vulnerability CVE-2020-14145

Security Advisory Description The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the...

5.9 CVSS • 6.8 AI score • 0.02057 EPSS
Exploits 2 • Affected Software 15
F5 Networks
added 2023/02/21 6:53 p.m. • 973 views

K32171392: Apache Log4j2 vulnerability CVE-2021-45046

Security Advisory Description It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern...

10 CVSS • 8.8 AI score • 0.99999 EPSS
Exploits 347 • Affected Software 1
F5 Networks
added 2023/02/21 6:53 p.m. • 24 views

K36320691: F5 SSL Orchestrator vulnerability CVE-2019-6627

Security Advisory Description On rare occasions, specific to a certain race condition, TMM may restart when SSL Forward Proxy enforces the bypass action for an SSL Orchestrator transparent virtual server with SNAT enabled. CVE-2019-6627 Impact The Traffic Management Microkernel (TMM) may restart,...

5.9 CVSS • 5.8 AI score • 0.00805 EPSS
Exploits 0 • Affected Software 1
F5 Networks
added 2023/02/21 6:52 p.m. • 43 views

K74327432: F5 Container Ingress Services vulnerability CVE-2019-6648

Security Advisory Description If DEBUG logging is enabled, F5 Container Ingress Services (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP system secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration...

4.4 CVSS • 4.7 AI score • 0.00345 EPSS
Exploits 0 • Affected Software 1
F5 Networks
added 2023/02/21 6:52 p.m. • 40 views

K34450231: TLS 1.3 vulnerability CVE-2019-6659

Security Advisory Description BIG-IP virtual servers with TLS 1.3 enabled may experience a denial-of-service (DoS) due to undisclosed incoming messages. CVE-2019-6659 Impact BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator Undisclosed...

7.5 CVSS • 7.4 AI score • 0.01202 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:52 p.m. • 38 views

K58502649: MySQL vulnerabilities CVE-2018-3123, CVE-2019-2566, CVE-2019-2580, CVE-2019-2581, CVE-2019-2584

Security Advisory Description CVE-2018-3123 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: libmysqld. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated...

5.9 CVSS • 5.5 AI score • 0.0266 EPSS
Exploits 0
F5 Networks
added 2023/02/21 6:52 p.m. • 15 views

K24241590: BIG-IP APM ignores the Restrict to Single Client IP option for Native RDP resources

Security Advisory Description This issue occurs when all of the following conditions are met: You enable the Restrict to Single Client IP option in the Access profile. Users access a native Remote Desktop Protocol (RDP) resource on the BIG-IP APM webtop. When launching a native RDP resource from th...

6.5 AI score
Exploits 0
F5 Networks
added 2023/02/21 6:52 p.m. • 49 views

K43223005: PHP vulnerability CVE-2018-5711

Security Advisory Description gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the...

5.5 CVSS • 6.4 AI score • 0.13446 EPSS
Exploits 1
F5 Networks
added 2023/02/21 6:52 p.m. • 36 views

K17528: NTP vulnerability CVE-2015-7850

Security Advisory Description ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file. CVE-2015-7850 Impact Under certain specific conditions, an attacker can send a se...

6.5 CVSS • 6.2 AI score • 0.04973 EPSS
Exploits 0 • Affected Software 22
F5 Networks
added 2023/02/21 6:52 p.m. • 41 views

K17515: NTP vulnerability CVE-2015-7855

Security Advisory Description The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value. CVE-2015-7855 Impact A locally authenticated user may ...

6.5 CVSS • 6.3 AI score • 0.31068 EPSS
Exploits 4 • Affected Software 23
Total number of security vulnerabilities: 6294