Big-ip Analytics Security Vulnerabilities and Issues — Big-ip Analytics CVE List

Lucene search

F5Big-ip Analytics

9 matches found

CVE•added 2019/03/13 10:29 p.m.•58 views

CVE-2019-6600

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when remote authentication is enabled for administrative users and all external users are granted the "guest" role, unsanitized values can be reflected to the client via the login page. This can lead to ...

6.1CVSS6.3AI score0.00363EPSS

CVE•added 2019/03/28 9:29 p.m.•58 views

CVE-2019-6608

On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.

7.1CVSS5.7AI score0.00611EPSS

CVE•added 2019/03/28 9:29 p.m.•55 views

CVE-2019-6604

On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.

6.8CVSS6.6AI score0.00647EPSS

CVE•added 2019/03/13 10:29 p.m.•50 views

CVE-2019-6598

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, malformed requests to the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, may lead to disruption of TMUI services. This attack ...

4.3CVSS4.5AI score0.00321EPSS

CVE•added 2019/03/13 10:29 p.m.•49 views

CVE-2019-6597

In BIG-IP 13.0.0-13.1.1.1, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may...

7.2CVSS6.9AI score0.00466EPSS

CVE•added 2019/03/28 9:29 p.m.•47 views

CVE-2019-6606

On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.

4.3CVSS4.6AI score0.00269EPSS

CVE•added 2019/03/28 9:29 p.m.•45 views

CVE-2019-6602

In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow best security practices when handling a malicious request.

7.5CVSS7.5AI score0.0051EPSS

CVE•added 2019/03/28 9:29 p.m.•45 views

CVE-2019-6603

In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.

7.5CVSS7.4AI score0.00749EPSS

CVE•added 2019/03/28 9:29 p.m.•42 views

CVE-2019-6605

On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.

7.5CVSS7.4AI score0.00891EPSS