Big-ip Access Policy Manager Security Vulnerabilities and Issues — Big-ip Access Policy Manager CVE List

Lucene search

F5Big-ip Access Policy Manager

4 matches found

CVE•added 2020/02/21 6:15 p.m.•849 views

CVE-2013-3587

The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesse...

5.9CVSS5AI score0.14659EPSS

CVE•added 2020/02/06 4:15 p.m.•59 views

CVE-2020-5856

On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using the default 'xnet' driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart.

7.5CVSS7.4AI score0.00891EPSS

CVE•added 2020/02/06 4:15 p.m.•56 views

CVE-2020-5855

When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client for Windows, unauthorized users who have physical access to an authorized user's machine can get shell access under unprivileged user.

4.6CVSS4.6AI score0.0015EPSS

CVE•added 2020/02/06 4:15 p.m.•50 views

CVE-2020-5854

On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specific sequence of connections are made.

5.9CVSS5.7AI score0.00891EPSS