Lucene search

K
F5Big-ip Edge Gateway11.6.1

4 matches found

CVE
CVE
added 2019/02/26 3:29 p.m.61 views

CVE-2019-6593

On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) attack, despite the ...

5.9CVSS4.5AI score0.00407EPSS
CVE
CVE
added 2018/04/13 1:29 p.m.47 views

CVE-2017-6156

When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must possess the necessary credenti...

6.4CVSS6.3AI score0.00394EPSS
CVE
CVE
added 2017/10/27 2:29 p.m.46 views

CVE-2017-6161

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually u...

5.3CVSS5.2AI score0.02586EPSS
CVE
CVE
added 2018/04/13 1:29 p.m.39 views

CVE-2018-5506

In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp allow possible unauthenticated bruteforce on the em_server_ip authorization parameter to obtain which SSL client certificates used for mutual authentication b...

9.8CVSS9.6AI score0.00204EPSS