Big-ip Advanced Firewall Manager@15.1.0.1 Security Vulnerabilities and Issues — Big-ip Advanced Firewall Manager@15.1.0.1 CVE List

Lucene search

F5Big-ip Advanced Firewall Manager15.1.0.1

8 matches found

CVE•added 2020/03/27 3:15 p.m.•138 views

CVE-2020-5862

On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms, hardware or virtual, or any other cloud provider sin...

7.5CVSS7.5AI score0.00891EPSS

CVE•added 2020/04/30 9:15 p.m.•73 views

CVE-2020-5885

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only o...

9.1CVSS9.1AI score0.00244EPSS

CVE•added 2020/04/30 9:15 p.m.•62 views

CVE-2020-5886

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) pair transfers sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only o...

9.1CVSS9.3AI score0.00244EPSS

CVE•added 2020/04/30 9:15 p.m.•59 views

CVE-2020-5887

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings.

9.1CVSS8.9AI score0.00372EPSS

CVE•added 2020/04/30 9:15 p.m.•56 views

CVE-2020-5881

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer (NDAL) Interfaces can lock up and in turn disrupting the communicat...

7.5CVSS7.4AI score0.00647EPSS

CVE•added 2020/04/30 9:15 p.m.•55 views

CVE-2020-5891

On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, undisclosed HTTP/2 requests can lead to a denial of service when sent to a virtual server configured with the Fallback Host setting and a server-side HTTP/2 profile.

7.5CVSS7.3AI score0.00647EPSS

CVE•added 2020/04/30 9:15 p.m.•42 views

CVE-2020-5878

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel (TMM) may restart on BIG-IP Virtual Edition (VE) while processing unusual IP traffic.

7.5CVSS7.5AI score0.00647EPSS

CVE•added 2020/04/30 9:15 p.m.•39 views

CVE-2020-5877

On BIG-IP 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, malformed input to the DATAGRAM::tcp iRules command within a FLOW_INIT event may lead to a denial of service.

7.5CVSS7.5AI score0.00647EPSS