F5 Networks, Inc. Security Vulnerabilities

nessus

F5 Networks BIG-IP : QEMU vulnerability (K41301038)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K41301038 advisory. QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked....

3.2 CVSS

5.6 AI Score

0.0005 EPSS

2023-11-02 12:00 AM
3
nessus

F5 Networks BIG-IP : MySQL vulnerability (K000134469)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000134469 advisory. Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Supported...

2.7 CVSS

2.9 AI Score

0.0005 EPSS

2023-11-02 12:00 AM
6
nessus

F5 Networks BIG-IP : SCP vulnerability (K04305530)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K04305530 advisory. ** DISPUTED ** scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as ...

7.8 CVSS

8 AI Score

0.004 EPSS

2023-08-11 12:00 AM
10
nessus

F5 Networks BIG-IP : FasterXML vulnerability (K000132725)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000132725 advisory. In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in ...

7.5 CVSS

7.8 AI Score

0.003 EPSS

2023-06-23 12:00 AM
11
nessus

F5 Networks BIG-IP : PHP vulnerability (K000133753)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000133753 advisory. In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form...

7.5 CVSS

6.8 AI Score

0.001 EPSS

2023-06-23 12:00 AM
10
nessus

F5 Networks BIG-IP : Java vulnerability (K71522481)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K71522481 advisory. Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

5.3 AI Score

0.002 EPSS

2022-12-07 12:00 AM
47
nessus

F5 Networks BIG-IP : Java vulnerability (K35253541)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K35253541 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions...

3.7 CVSS

4 AI Score

0.001 EPSS

2022-12-06 12:00 AM
16
nessus

F5 Networks BIG-IP : zlib vulnerability (K21548854)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K21548854 advisory. zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant...

7.5 CVSS

7.7 AI Score

0.003 EPSS

2022-05-19 12:00 AM
25
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000138520)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.4 / 16.1.4.3 / 17.1.1.3. It is, therefore, affected by a vulnerability as referenced in the K000138520 advisory. A DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP ...

4.7 CVSS

5.8 AI Score

0.0004 EPSS

2024-05-15 12:00 AM
1
osv

CVE-2023-40311

Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian...

6.7 CVSS

6 AI Score

0.0004 EPSS

2023-08-14 06:15 PM
2
nessus

VMWare Aria Operations for Networks Authentication Bypass (CVE-2023-34039) (Direct Check)

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks...

9.8 CVSS

7.5 AI Score

0.945 EPSS

2023-10-17 12:00 AM
4
oraclelinux

libreoffice security fix update

[1:5.3.6.1-26.0.1] - adjust color palette to match Redwood style. - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' [1:5.3.6.1-26] - Fix CVE-2022-38745 Empty entry in Java class path - Fix...

8.8 CVSS

7 AI Score

0.001 EPSS

2024-05-23 12:00 AM
5
osv

CVE-2023-40313

A BeanShell interpreter in remote server mode runs in OpenNMS Horizon versions earlier than 32.0.2 and in related Meridian versions which could allow arbitrary remote Java code execution. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer....

8.8 CVSS

7.8 AI Score

0.001 EPSS

2023-08-17 07:15 PM
4
arista

Security Advisory 0097

Date: May 24, 2024. Revision 1.0 (May 24, 2024): Initial release. The CVE-ID tracking this issue: CVE-2023-52424. CVSSv3.1 Base Score: Not indicated by NVD as of 5/23/2024. Description: Arista Networks is providing this security update in...

6 AI Score

EPSS

2024-05-24 12:00 AM
5
nessus

F5 Networks BIG-IP : Apache httpd vulnerability (K000139447)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139447 advisory. HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious...

7.1 AI Score

0.0004 EPSS

2024-05-08 12:00 AM
5
nessus

F5 Networks BIG-IP : BIG-IP APM vulnerability (K93543114)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K93543114 advisory. On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to...

5.3 CVSS

5.7 AI Score

0.001 EPSS

2022-05-05 12:00 AM
11
nessus

F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K08510472)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K08510472 advisory. On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to...

7.2 CVSS

7.2 AI Score

0.001 EPSS

2022-05-05 12:00 AM
11
nessus

F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K41877405)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K41877405 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x...

4.3 CVSS

5 AI Score

0.001 EPSS

2022-05-05 12:00 AM
22
nessus

F5 Networks BIG-IP : BIG-IP APM vulnerability (K57555833)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K57555833 advisory. On 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, BIG-IP APM does not...

7.2 CVSS

7.4 AI Score

0.004 EPSS

2022-05-05 12:00 AM
10
nessus

F5 Networks BIG-IP : BIG-IP HTTP profile vulnerability (K19501795)

iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs. (CVE-2019-6631) Impact The BIG-IP system Traffic...

7.5 CVSS

7.5 AI Score

0.003 EPSS

2019-07-02 12:00 AM
11
nuclei

Juniper Devices - Remote Code Execution

Multiple CVEs in Juniper Networks (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847). A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables......

9.8 CVSS

7.1 AI Score

0.967 EPSS

2023-08-26 07:36 AM
16
cve

CVE-2024-32547

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS. This issue affects Code Insert Manager (Q2W3 Inc Manager): from n/a through...

5.8 CVSS

6.9 AI Score

0.0004 EPSS

2024-04-17 08:15 AM
34
nessus

F5 Networks BIG-IP : Apache Tomcat vulnerability (K000138178)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000138178 advisory. Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat from...

5.3 CVSS

6.7 AI Score

0.01 EPSS

2024-01-17 12:00 AM
16
nessus

F5 Networks BIG-IP : Apache Tomcat vulnerability (K24551552)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K24551552 advisory. When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was...

7.5 CVSS

7.8 AI Score

0.004 EPSS

2023-11-03 12:00 AM
17
nessus

F5 Networks BIG-IP : Apache Struts vulnerabilities (K35226442)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K35226442 advisory. An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when ...

9.8 CVSS

9.3 AI Score

0.953 EPSS

2023-11-03 12:00 AM
30
nessus

F5 Networks BIG-IP : Linux kernel vulnerability (K07721343)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K07721343 advisory. A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the...

7.8 CVSS

7.7 AI Score

0.001 EPSS

2023-11-02 12:00 AM
3
nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K000137202)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000137202 advisory. Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to ...

6.1 CVSS

4.4 AI Score

0.0004 EPSS

2023-10-11 12:00 AM
5
nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K000130240)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000130240 advisory. Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to ...

6.8 AI Score

0.0004 EPSS

2023-06-02 12:00 AM
11
nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K14454359)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K14454359 advisory. Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially...

7.8 CVSS

7.6 AI Score

0.0004 EPSS

2022-06-22 12:00 AM
38
nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K04303225)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K04303225 advisory. Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially...

7.8 CVSS

7.5 AI Score

0.0004 EPSS

2022-06-22 12:00 AM
27
nessus

F5 Networks BIG-IP : Linux kernel vulnerability (K84900646)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K84900646 advisory. A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can...

5.5 CVSS

6.3 AI Score

0.0004 EPSS

2021-10-28 12:00 AM
21
osv

CVE-2023-0870

A form can be manipulated with cross-site request forgery in multiple versions of OpenNMS Meridian and Horizon. This can potentially allow an attacker to gain access to confidential information and compromise integrity. The solution is to upgrade to Meridian 2023.1.1 or Horizon 31.0.6 or newer....

8.1 CVSS

6.9 AI Score

0.0004 EPSS

2023-03-22 07:15 PM
1
nessus

F5 Networks BIG-IP : BIG-IP MPTCP vulnerability (K31025212)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.5.3 / 13.1.3.6 / 14.1.3.1 / 15.1.2 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K31025212 advisory. On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before...

7.5 CVSS

7.8 AI Score

0.001 EPSS

2021-03-10 12:00 AM
17
nessus

F5 Networks BIG-IP : TMM buffer-overflow vulnerability (K56715231)

The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.3 / 13.1.3.6 / 14.1.4 / 15.1.2.1 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K56715231 advisory. On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x...

9.8 CVSS

10 AI Score

0.829 EPSS

2021-03-10 12:00 AM
54
githubexploit

Exploit for Path Traversal in Aiohttp

CVE-2024-23334 PoC Description This repository contains a...

7.5 CVSS

7.5 AI Score

0.052 EPSS

2024-03-19 04:28 PM
152
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility XSS vulnerability (K000138636)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.4 / 16.1.4.3 / 17.1.1.3. It is, therefore, affected by a vulnerability as referenced in the K000138636 advisory. A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP ...

8 CVSS

7.2 AI Score

0.0004 EPSS

2024-05-15 12:00 AM
5
osv

CVE-2024-32977

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.0 contain a vulnerability that allows an unauthenticated attacker to completely bypass the authentication if the autologinLocal option is enabled within config.yaml, even if they....

7.1 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-14 04:17 PM
3
nessus

F5 Networks BIG-IP : Apache HTTPD vulnerability (K78131906)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K78131906 advisory. A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of...

5.9 CVSS

7.8 AI Score

0.01 EPSS

2023-11-03 12:00 AM
13
nessus

F5 Networks BIG-IP : Intel processors vulnerability (K29100014)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K29100014 advisory. Improper conditions check in multiple Intel Processors may allow an authenticated user to potentially enable...

5.3 CVSS

5.7 AI Score

0.0005 EPSS

2023-11-03 12:00 AM
6
nessus

F5 Networks BIG-IP : Intel CPU vulnerability (K82356391)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K82356391 advisory. Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to ...

6.7 CVSS

7 AI Score

0.0004 EPSS

2023-11-03 12:00 AM
7
nessus

F5 Networks BIG-IP : RetBleed CPU vulnerability (K83713003)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K83713003 advisory. Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their ...

6.5 CVSS

7.3 AI Score

0.001 EPSS

2022-08-02 12:00 AM
37
nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K87351324)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K87351324 advisory. Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user...

6.7 CVSS

6.5 AI Score

0.0004 EPSS

2022-06-22 12:00 AM
30
nessus

F5 Networks BIG-IP : Linux kernel vulnerability (K32380005)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K32380005 advisory. The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability,...

5.3 CVSS

6 AI Score

0.002 EPSS

2021-10-28 12:00 AM
60
nessus

F5 Networks BIG-IP : TMM IPv6 stack vulnerability (K64124988)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.0 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K64124988 advisory. On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6,...

5.3 CVSS

5.8 AI Score

0.001 EPSS

2022-05-05 12:00 AM
8
nessus

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K41440465)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K41440465 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2022-05-04 12:00 AM
12
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility XSS vulnerability (K000138894)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.4 / 16.1.4.3 / 17.1.1.3. It is, therefore, affected by a vulnerability as referenced in the K000138894 advisory. A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP...

6.1 CVSS

6.1 AI Score

0.0004 EPSS

2024-05-15 12:00 AM
4
osv

CVE-2023-40312

Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that an attacker can modify to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30,....

6.7 CVSS

6.2 AI Score

0.0004 EPSS

2023-08-14 06:15 PM
3
nessus

F5 Networks BIG-IP : BIG-IP big3d vulnerability (K71103363)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.0.0. It is, therefore, affected by a vulnerability as referenced in the K71103363 advisory. On F5 BIG-IP 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route domains...

5.3 CVSS

5.8 AI Score

0.001 EPSS

2022-05-05 12:00 AM
8
nessus

F5 Networks BIG-IP : Linux kernel vulnerability (K01043241)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K01043241 advisory. net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability...

7.8 CVSS

7.1 AI Score

0.0004 EPSS

2023-11-02 12:00 AM
11
nessus

F5 Networks BIG-IP : procps-ng vulnerability (K00409335)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K00409335 advisory. procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME...

7.3 CVSS

8.6 AI Score

0.0004 EPSS

2023-11-02 12:00 AM
7
Total number of security vulnerabilities: 314659