Big-ip Ddos Hybrid Defender Security Vulnerabilities and Issues — Big-ip Ddos Hybrid Defender CVE List

Lucene search

F5Big-ip Ddos Hybrid Defender

3 matches found

CVE•added 2020/11/19 1:15 a.m.•72 views

CVE-2020-5947

In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 2000 ...

4.3CVSS4.4AI score0.00185EPSS

CVE•added 2020/11/05 8:15 p.m.•44 views

CVE-2020-5939

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition (VE) systems on VMware, with an Intel-based 85299 Network Interface Controller (NIC) card and Single Root I/O Virtualization (SR-IOV) enabled on vSphere, may fail and leave th...

7.5CVSS7.4AI score0.00647EPSS

CVE•added 2020/11/05 8:15 p.m.•41 views

CVE-2020-5943

In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed through the REST interface, the protected fields are obfuscated in the REST response, not protected via a SecureVault cryptogram as TMSH does. One example of protected fields is the GTM monitor password.

6.5CVSS6.4AI score0.00154EPSS