Big-ip Access Policy Manager Security Vulnerabilities and Issues — Big-ip Access Policy Manager CVE List

Lucene search

F5Big-ip Access Policy Manager

5 matches found

CVE•added 2020/10/29 2:15 p.m.•42 views

CVE-2020-5938

On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels with configured, authenticated peers, the peer may negotiate a different key length than the BIG-IP configuration would otherwise allow.

6.5CVSS6.4AI score0.00125EPSS

CVE•added 2020/10/29 4:15 p.m.•41 views

CVE-2020-5931

On BIG-IP 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, Virtual servers with a OneConnect profile may incorrectly handle WebSockets related HTTP response headers, causing TMM to restart.

7.5CVSS7.4AI score0.00891EPSS

CVE•added 2020/10/29 4:15 p.m.•39 views

CVE-2020-5933

On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger an ...

7.8CVSS7.5AI score0.00611EPSS

CVE•added 2020/10/29 4:15 p.m.•39 views

CVE-2020-5935

On BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when handling MQTT traffic through a BIG-IP virtual server associated with an MQTT profile and an iRule performing manipulations on that traffic, TMM m...

5.9CVSS5.7AI score0.00647EPSS

CVE•added 2020/10/29 4:15 p.m.•31 views

CVE-2020-5934

On BIG-IP APM 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when multiple HTTP requests from the same client to configured SAML Single Logout (SLO) URL are passing through a TCP Keep-Alive connection, traffic to TMM can be disrupted.

6.5CVSS6.4AI score0.00178EPSS