Lucene search

K
F5Big-ip Domain Name System

383 matches found

CVE
CVE
added 2022/05/05 5:15 p.m.66 views

CVE-2022-28707

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility (also referred to as the BIG-IP TMUI) that allows an attacker...

8CVSS5.4AI score0.00712EPSS
CVE
CVE
added 2020/12/24 4:15 p.m.65 views

CVE-2020-27719

On BIG-IP 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, a cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility.

6.1CVSS5.9AI score0.00466EPSS
CVE
CVE
added 2022/08/04 6:15 p.m.65 views

CVE-2022-35240

In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when the Message Routing (MR) Message Queuing Telemetry Transport (MQTT) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software ...

7.5CVSS7.6AI score0.00484EPSS
CVE
CVE
added 2023/10/10 1:15 p.m.65 views

CVE-2023-40537

An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

8.1CVSS8AI score0.00361EPSS
CVE
CVE
added 2023/10/10 1:15 p.m.65 views

CVE-2023-41085

When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5CVSS7.5AI score0.00576EPSS
CVE
CVE
added 2019/07/03 6:15 p.m.64 views

CVE-2019-6629

On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to t...

7.5CVSS7.4AI score0.00702EPSS
CVE
CVE
added 2020/12/24 4:15 p.m.64 views

CVE-2020-27715

On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high (~100%) CPU utilization by the httpd daemon.

7.8CVSS7.4AI score0.00611EPSS
CVE
CVE
added 2021/09/14 3:15 p.m.64 views

CVE-2021-23042

On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, and 12.1.x before 12.1.6, when an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization. Note: Software versions...

7.5CVSS7.6AI score0.00647EPSS
CVE
CVE
added 2021/09/14 3:15 p.m.64 views

CVE-2021-23043

On BIG-IP, on all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files. Note: Software versions which have reached End of Techni...

6.5CVSS6.7AI score0.0035EPSS
CVE
CVE
added 2022/05/05 5:15 p.m.64 views

CVE-2022-28705

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, on platforms with an ePVA and the pva.fwdaccel BigDB variable enabled, undisclosed requests to a virtual server with a FastL4 profile that has e...

7.5CVSS7.5AI score0.00896EPSS
CVE
CVE
added 2022/10/19 10:15 p.m.64 views

CVE-2022-41983

On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT (QuickAssist Technology) and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even w...

3.7CVSS4.5AI score0.0015EPSS
CVE
CVE
added 2019/07/03 6:15 p.m.63 views

CVE-2019-6625

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI) also known as the BIG-IP Configuration utility.

6.1CVSS6AI score0.00351EPSS
CVE
CVE
added 2020/12/11 7:15 p.m.63 views

CVE-2020-5949

On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.

7.5CVSS7.4AI score0.00647EPSS
CVE
CVE
added 2022/10/19 10:15 p.m.63 views

CVE-2022-36795

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections...

7.5CVSS6.3AI score0.00136EPSS
CVE
CVE
added 2019/11/26 3:15 p.m.62 views

CVE-2019-6675

BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue only impacts specific engineeri...

9.8CVSS9.5AI score0.00135EPSS
CVE
CVE
added 2022/08/04 6:15 p.m.62 views

CVE-2022-34844

In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Managem...

7.5CVSS6.6AI score0.00313EPSS
CVE
CVE
added 2022/10/19 10:15 p.m.62 views

CVE-2022-41787

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate.

7.5CVSS7.6AI score0.00383EPSS
CVE
CVE
added 2024/08/14 3:15 p.m.62 views

CVE-2024-41164

When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

8.2CVSS5.7AI score0.00299EPSS
CVE
CVE
added 2016/08/26 2:59 p.m.61 views

CVE-2016-5023

Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network tra...

7.5CVSS7.2AI score0.02099EPSS
CVE
CVE
added 2016/09/07 7:28 p.m.61 views

CVE-2016-6876

The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-...

7.5CVSS7.4AI score0.00891EPSS
CVE
CVE
added 2019/02/26 3:29 p.m.61 views

CVE-2019-6593

On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) attack, despite the ...

5.9CVSS4.5AI score0.00407EPSS
CVE
CVE
added 2020/04/30 9:15 p.m.61 views

CVE-2020-5886

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) pair transfers sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only o...

9.1CVSS9.3AI score0.00244EPSS
CVE
CVE
added 2020/07/01 3:15 p.m.61 views

CVE-2020-5903

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility.

6.1CVSS6.4AI score0.09081EPSS
CVE
CVE
added 2020/07/01 3:15 p.m.61 views

CVE-2020-5904

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page.

8.8CVSS8.6AI score0.00279EPSS
CVE
CVE
added 2021/02/12 8:15 p.m.61 views

CVE-2021-22977

On BIG-IP version 16.0.0-16.0.1 and 14.1.2.4-14.1.3, cooperation between malicious HTTP client code and a malicious server may cause TMM to restart and generate a core file. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

7.5CVSS7.5AI score0.00647EPSS
CVE
CVE
added 2021/03/31 6:15 p.m.61 views

CVE-2021-22998

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, SYN flood protection thresholds are not enforced in secure network address translation (SNAT) listeners. Note: Software versions which...

5.3CVSS5.7AI score0.00628EPSS
CVE
CVE
added 2022/05/05 5:15 p.m.61 views

CVE-2022-27878

On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execu...

6.8CVSS6.2AI score0.00374EPSS
CVE
CVE
added 2023/02/01 6:15 p.m.61 views

CVE-2023-22418

On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.7, 14.1.x before 14.1.5.3, and all versions of 13.1.x, an open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious attacker to ...

6.1CVSS6.5AI score0.00201EPSS
CVE
CVE
added 2023/10/10 1:15 p.m.61 views

CVE-2023-40542

When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

7.5CVSS7.5AI score0.00576EPSS
CVE
CVE
added 2023/10/10 1:15 p.m.61 views

CVE-2023-41253

When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.5CVSS5.8AI score0.00226EPSS
CVE
CVE
added 2021/03/31 6:15 p.m.60 views

CVE-2021-23000

On BIG-IP versions 13.1.3.4-13.1.3.6 and 12.1.5.2, if the tmm.http.rfc.enforcement BigDB key is enabled in a BIG-IP system, or the Bad host header value is checked in the AFM HTTP security profile associated with a virtual server, in rare instances, a specific sequence of malicious requests may cau...

7.5CVSS7.6AI score0.00647EPSS
CVE
CVE
added 2021/03/31 6:15 p.m.60 views

CVE-2021-23004

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, Multipath TCP (MPTCP) forwarding flows may be created on standard virtual servers without MPTCP enabled in the applied TCP profile. No...

7.5CVSS7.6AI score0.00647EPSS
CVE
CVE
added 2023/10/10 1:15 p.m.60 views

CVE-2023-43485

When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.5CVSS5.8AI score0.00226EPSS
CVE
CVE
added 2016/06/30 5:59 p.m.59 views

CVE-2016-5020

F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.

9CVSS8.3AI score0.01763EPSS
CVE
CVE
added 2020/12/24 4:15 p.m.59 views

CVE-2020-27717

On BIG-IP DNS 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, undisclosed series of DNS requests may cause TMM to restart and generate a core file.

7.8CVSS7.4AI score0.00916EPSS
CVE
CVE
added 2020/01/14 4:15 p.m.59 views

CVE-2020-5851

On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotfixes and platforms. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or main...

4.6CVSS4.7AI score0.00206EPSS
CVE
CVE
added 2020/02/06 4:15 p.m.59 views

CVE-2020-5856

On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using the default 'xnet' driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart.

7.5CVSS7.4AI score0.00891EPSS
CVE
CVE
added 2022/05/05 5:15 p.m.59 views

CVE-2022-26835

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, directory traversal vulnerabilities exist in undisclosed iControl REST endpoints and TMOS Shell (tmsh) comman...

4.9CVSS5.7AI score0.00505EPSS
CVE
CVE
added 2022/08/04 6:15 p.m.59 views

CVE-2022-35236

In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an HTTP2 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) ...

7.5CVSS7.6AI score0.00484EPSS
CVE
CVE
added 2019/03/13 10:29 p.m.58 views

CVE-2019-6600

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when remote authentication is enabled for administrative users and all external users are granted the "guest" role, unsanitized values can be reflected to the client via the login page. This can lead to ...

6.1CVSS6.3AI score0.00363EPSS
CVE
CVE
added 2020/04/30 9:15 p.m.58 views

CVE-2020-5887

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings.

9.1CVSS8.9AI score0.00372EPSS
CVE
CVE
added 2022/05/05 5:15 p.m.58 views

CVE-2022-29473

On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when an IPSec ALG profile is configured on a virtual server, undisclosed responses can cause Traffic Management Microkernel(TMM) to terminate. Note: Software versions which have r...

7.5CVSS7.5AI score0.00674EPSS
CVE
CVE
added 2022/08/04 6:15 p.m.58 views

CVE-2022-33947

In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, a vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface (TMUI) that allows an authenticated attacker with at least operator role privileges to c...

6.5CVSS6AI score0.00194EPSS
CVE
CVE
added 2022/08/04 6:15 p.m.58 views

CVE-2022-35272

In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve-strict is configured on an HTTP Message Routing Framework (MRF) virtual server, undisclosed traffic may cause the Traffic Management Microkernel (TMM) to produce a core file and the connection to termina...

7.5CVSS5.7AI score0.00306EPSS
CVE
CVE
added 2023/10/10 1:15 p.m.58 views

CVE-2023-42768

When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST admin resource. Note: Sof...

7.2CVSS7AI score0.00428EPSS
CVE
CVE
added 2016/08/26 2:59 p.m.57 views

CVE-2016-1497

The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors.

4.9CVSS4.9AI score0.00304EPSS
CVE
CVE
added 2016/08/19 9:59 p.m.57 views

CVE-2016-5736

The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1...

7.5CVSS7.4AI score0.01487EPSS
CVE
CVE
added 2018/06/01 2:29 p.m.57 views

CVE-2017-6153

Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "Zip Bomb" attack.

5.3CVSS5.3AI score0.00604EPSS
CVE
CVE
added 2018/10/19 1:29 p.m.57 views

CVE-2018-15315

On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected Cross Site Scripting (XSS) vulnerability in an undisclosed Configuration Utility page.

6.1CVSS6AI score0.00259EPSS
CVE
CVE
added 2018/07/25 2:29 p.m.57 views

CVE-2018-5531

Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (layer 2).

7.4CVSS7.3AI score0.00177EPSS
Total number of security vulnerabilities383