F5 Networks, Inc. Security Vulnerabilities

F5 Networks BIG-IP : BIG-IP SSL vulnerability (K14229426)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K14229426 advisory. On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions...

F5 Networks BIG-IP : BIG-IP AFM vulnerability (K54892865)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.2 / 15.1.4.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K54892865 advisory. On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.2, and...

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K17514331)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K17514331 advisory. On BIG-IP version 16.1.x before 16.1.2, when the 'Respond on Error' setting is enabled on the Request Logging...

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K45421311)

Undisclosed internally-generated User Datagram Protocol (UDP) traffic may cause the Traffic Management Microkernel (TMM) to restart under some circumstances.(CVE-2020-5925) A BIG-IP system experiencing this vulnerability may log the following error message to the /var/log/tmm file : Assertion...

F5 Networks BIG-IP : Linux kernel vulnerability (K01043241)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K01043241 advisory. net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability...

F5 Networks BIG-IP : procps-ng vulnerability (K00409335)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K00409335 advisory. procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME...

F5 Networks BIG-IP : AMD processors vulnerability (K43357358)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K43357358 advisory. A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to...

F5 Networks BIG-IP : Eclipse Jetty vulnerabilities (K10002140)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K10002140 advisory. In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default ...

F5 Networks BIG-IP : Intel processor vulnerabilities (K41043270)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K41043270 advisory. Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an ...

F5 Networks BIG-IP : Apache Tomcat vulnerability (K32469285)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K32469285 advisory. Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP ...

F5 Networks BIG-IP : procps-ng vulnerability (K83271321)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K83271321 advisory. procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to ...

F5 Networks BIG-IP : Intel CPU vulnerability (K04160444)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K04160444 advisory. Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially...

F5 Networks BIG-IP : Apache HTTPD vulnerability (K000132665)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000132665 advisory. Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early,...

F5 Networks BIG-IP : Vim/Neovim vulnerability (K93144355)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K93144355 advisory. getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands...

F5 Networks BIG-IP : Intel BIOS vulnerability (K16162257)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K16162257 advisory. Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to ...

CVE-2023-0871

XXE injection in /rtc/post/ endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to XML external entity (XXE) injection, which can be used for instance to force Horizon to make arbitrary HTTP requests to internal and external services. The...

F5 Networks BIG-IP : Apache Struts vulnerabilities (K24608264)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K24608264 advisory. Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code ...

F5 Networks BIG-IP : Java SE vulnerability (K85742355)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K85742355 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that...

F5 Networks BIG-IP : Linux kernel vulnerability (K13213573)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K13213573 advisory. Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or...

F5 Networks BIG-IP : Rowhammer hardware vulnerability (K60570139)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K60570139 advisory. Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal ...

F5 Networks BIG-IP : procps-ng vulnerability (K16124204)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K16124204 advisory. procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in...

F5 Networks BIG-IP : IPsec IKEv1 vulnerability (K42378447)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K42378447 advisory. The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key...

F5 Networks BIG-IP : Linux kernel vulnerability (K15412203)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K15412203 advisory. The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through ...

F5 Networks BIG-IP : Linux kernel vulnerability (K40540405)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K40540405 advisory. The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a...

F5 Networks BIG-IP : Intel processor vulnerability (K000133630)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000133630 advisory. Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to ...

F5 Networks BIG-IP : Python urllib.parse vulnerability (K000135921)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000135921 advisory. An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by...

F5 Networks BIG-IP : Apache Tomcat vulnerability (K000135262)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000135262 advisory. The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to...

F5 Networks BIG-IP : Intel Processor vulnerability (K11601010)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K11601010 advisory. Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable...

F5 Networks BIG-IP : Intel BIOS vulnerability (K53252134)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K53252134 advisory. Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially...

F5 Networks BIG-IP : Intel processors vulnerability (K14335949)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K14335949 advisory. Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user...

F5 Networks BIG-IP : Intel BIOS vulnerability (K55051330)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K55051330 advisory. Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged...

CVE-2023-0583

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_vk_blocks_options' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change plugin settings including default...

[SECURITY] Fedora 39 Update: wireshark-4.0.15-1.fc39

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

CVE-2024-1446 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Cross-Site Request Forgery to Arbitrary Post Deletion

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.4.3. This is due to missing or incorrect nonce validation on the nxssnap-reposter page. This makes it possible for unauthenticated attackers to...

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000133474)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.5 / 15.1.9.1 / 16.1.3.5 / 17.1.0.2. It is, therefore, affected by a vulnerability as referenced in the K000133474 advisory. A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the...

F5 Networks BIG-IP : BIG-IP SIP profile vulnerability (K34525368)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8 / 16.1.3.3. It is, therefore, affected by a vulnerability as referenced in the K34525368 advisory. On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all...

F5 Networks BIG-IP : BIG-IP APM OAuth vulnerability (K20717585)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3. It is, therefore, affected by a vulnerability as referenced in the K20717585 advisory. On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the...

F5 Networks BIG-IP : BIG-IP Virtual Edition vulnerability (K24572686)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8. It is, therefore, affected by a vulnerability as referenced in the K24572686 advisory. On BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x beginning in 14.1.5 to...

F5 Networks BIG-IP : iControl REST and tmsh vulnerability (K83284425)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8.1 / 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K83284425 advisory. In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before...

F5 Networks BIG-IP : BIG-IP Packet Filters vulnerability (K31856317)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K31856317 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x...

F5 Networks BIG-IP : BIG-IP iQuery mesh vulnerability (K000132972)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.4 / 15.1.8.2 / 16.1.3.4 / 17.1.0.1. It is, therefore, affected by a vulnerability as referenced in the K000132972 advisory. When DNS is provisioned, an authenticated remote command execution vulnerability exists in...

F5 Networks BIG-IP : BIG-IP UDP profile vulnerability (K20145107)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.4 / 15.1.8.2 / 16.1.3.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K20145107 advisory. When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual...

F5 Networks BIG-IP : BIG-IP Stream profile vulnerability (K99123750)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K99123750 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, when the stream profile is configured on a virtual server, ...

F5 Networks BIG-IP : BIG-IP DNS resolver vulnerability (K85054496)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K85054496 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP...

F5 Networks BIG-IP : BIG-IP CGNAT LSN vulnerability (K54082580)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.0 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K54082580 advisory. On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and...

F5 Networks BIG-IP : BIG-IP SSL/TLS vulnerability (K09121542)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.0.0. It is, therefore, affected by a vulnerability as referenced in the K09121542 advisory. On all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation...

[SECURITY] Fedora 40 Update: wireshark-4.2.5-1.fc40

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

F5 Networks BIG-IP : BIG-IP Configuration utility RCE (K000135689)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0.3 / 16.1.4.1 / 15.1.10.2 / 14.1.5.6. It is, therefore, affected by a vulnerability as referenced in the K000135689 advisory. A directory traversal vulnerability exists in the BIG-IP Configuration utility that may...

F5 Networks BIG-IP : BIG-IP HTTP/2 DoS (K000137106)

The version of F5 Networks BIG-IP installed on the remote host is prior or equal to 17.1.0 / 16.1.4 / 15.1.10 / 14.1.5 / 13.1.5. It is, therefore, affected by a vulnerability as referenced in the K000137106 advisory. The HTTP/2 protocol allows a denial of service (server resource consumption)...

F5 Networks BIG-IP : BIG-IP DNS profile vulnerability (K37708118)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8.1 / 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K37708118 advisory. On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before...