Big-ip Domain Name System Security Vulnerabilities and Issues — Big-ip Domain Name System CVE List

Lucene search

F5Big-ip Domain Name System

5 matches found

CVE•added 2023/05/03 3:15 p.m.•51 views

CVE-2023-27378

Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not e...

7.5CVSS6.3AI score0.00354EPSS

CVE•added 2023/05/03 3:15 p.m.•50 views

CVE-2023-24594

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.3CVSS5.6AI score0.00136EPSS

CVE•added 2023/05/03 3:15 p.m.•45 views

CVE-2023-28742

When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

8.8CVSS7.9AI score0.02327EPSS

CVE•added 2023/05/03 3:15 p.m.•44 views

CVE-2023-29163

When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5CVSS7.6AI score0.00402EPSS

CVE•added 2023/05/03 3:15 p.m.•41 views

CVE-2023-28406

A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which may allow an authenticated attacker to read files with .xml extension. Access to restricted information is limited and the attacker does not control what information is obtained. Note: Softwa...

4.3CVSS4.7AI score0.00604EPSS