Big-ip Webaccelerator Security Vulnerabilities and Issues — Big-ip Webaccelerator CVE List

Lucene search

F5Big-ip Webaccelerator

9 matches found

CVE•added 2017/06/08 4:29 p.m.•70 views

CVE-2014-6031

Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators...

4.9CVSS5AI score0.00466EPSS

CVE•added 2017/05/01 3:59 p.m.•60 views

CVE-2017-6128

An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.

7.5CVSS7.3AI score0.00926EPSS

CVE•added 2017/03/27 3:59 p.m.•53 views

CVE-2016-7474

In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.

5.5CVSS5.7AI score0.00108EPSS

CVE•added 2017/06/09 3:29 p.m.•52 views

CVE-2016-7469

A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an auth...

5.4CVSS5.1AI score0.00269EPSS

CVE•added 2017/05/10 2:29 p.m.•51 views

CVE-2016-9250

In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.

7.5CVSS7.5AI score0.00608EPSS

CVE•added 2017/03/27 6:59 p.m.•51 views

CVE-2016-9252

The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors.

7.5CVSS7.4AI score0.01195EPSS

CVE•added 2017/12/21 5:29 p.m.•50 views

CVE-2017-6151

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, undisclosed requests made to BIG-IP virtual servers which make use of the "HTTP/2 profile" may result in a disruption of service to TMM.

7.8CVSS7.4AI score0.00492EPSS

CVE•added 2017/10/27 2:29 p.m.•46 views

CVE-2017-6161

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually u...

5.3CVSS5.2AI score0.02586EPSS

CVE•added 2017/12/21 5:29 p.m.•46 views

CVE-2017-6164

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malfo...

8.1CVSS8.1AI score0.02462EPSS