27 matches found
CVE-2020-5902
CVE-2020-5902 is an unauthenticated RCE in F5 BIG-IP TMUI (Traffic Management User Interface). The root cause is a path traversal/authentication bypass flaw in TMUI that allows remote attackers to trigger arbitrary code execution on vulnerable BIG-IP devices. Affected versions include multiple 11...
CVE-2021-22986
CVE-2021-22986 affects F5 BIG-IP iControl REST, allowing unauthenticated remote command execution. Affected software ranges include BIG-IP 16.0.0–16.0.1 (before 16.0.1.1), 15.1.x (before 15.1.2.1), 14.1.x (before 14.1.4), 13.1.x (before 13.1.3.6), 12.1.x (before 12.1.5.3), and BIG-IQ 7.1.0.x (bef...
CVE-2021-22991
CVE-2021-22991 affects BIG-IP Traffic Management Microkernel (TMM) URI normalization, where undisclosed requests to a virtual server may trigger a buffer overflow in TMM. This can cause a DoS and, in some scenarios, bypass URL-based access controls or enable remote code execution. The issue impac...
CVE-2021-22990
CVE-2021-22990 affects BIG-IP TMUI (Configuration utility) when Advanced WAF/ASM is provisioned. It is an authenticated remote command execution vulnerability in undisclosed TMUI pages that can be exploited by highly privileged, network-accessible users via the management port or self IPs. Fixed ...
CVE-2020-5929
Summary (CVE-2020-5929): BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server using a Client SSL profile, and ADH/DHE key exchange (with Single DH use not enabled) are vulnerable to crafted TLS handshakes that may recover plaintext by exploiting PMS starting with ...
CVE-2021-22987
CVE-2021-22987 is a confirmed BIG-IP TMUI (Configuration utility) vulnerability in Appliance mode. An authenticated remote attacker with network access to the BIG-IP management surface can execute arbitrary commands due to a flaw in undisclosed TMUI pages. Affected versions include 16.0.x before ...
CVE-2021-22989
CVE-2021-22989 affects BIG-IP appliances in Appliance mode with Advanced WAF/ASM, where TMUI (Configuration utility) can be abused via authenticated remote command execution in undisclosed pages. Affected versions include 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1....
CVE-2021-22992
The CVE-2021-22992 vulnerability affects BIG-IP Advanced WAF/ASM: a crafted HTTP response sent to a virtual server with a Login Page can trigger a buffer overflow, enabling denial-of-service and, in certain cases, remote code execution leading to full system compromise. Affected versions include ...
CVE-2021-22988
CVE-2021-22988 affects BIG-IP TMUI (Configuration utility). In particular, authenticated remote command execution is possible via undisclosed TMUI pages on affected releases. Affected lines include BIG-IP 16.x before 16.0.1.1, 15.x before 15.1.2.1, 14.x before 14.1.4, 13.x before 13.1.3.6, 12.x b...
CVE-2021-22994
CVE-2021-22994 is an XSS flaw in BIG-IP iControl REST that enables a reflected XSS leading to complete system compromise when the victim is an admin. Affected: BIG-IP versions and branches as per F5 advisories (K66851119 and related entries): 16.x vulnerable 16.0.0–16.0.1; fix in 16.1.0.1/16.1.0+...
CVE-2020-5947
This CVE affects BIG-IP platforms (2000, 4000, i2000, i4000, and VE). The vulnerable component is TCP sequence handling in BIG-IP virtual server code, with root cause described as a design/logic flaw that allows attackers to obtain and reuse TCP sequence numbers. Affected versions include 16.0.0–...
CVE-2020-27719
CVE-2020-27719 affects F5 BIG-IP products (LTM, AAM, Advanced WAF, etc.) with a cross-site scripting (XSS) vulnerability in an undisclosed page of the BIG-IP Configuration utility. Affected versions include 16.0.0–16.0.0.1, 15.1.0–15.1.0.5, and 14.1.0–14.1.3. The root cause is an XSS flaw on an i...
CVE-2021-22998
CVE-2021-22998 affects BIG-IP SNAT listeners: SYN flood protection thresholds are not enforced, potentially allowing affected SNAT traffic to exceed protection. Fixed in later BIG-IP releases; upgrade to 16.1.0 or 16.0.1.1 and later per vendor advisories. Exploitation details are not provided in ...
CVE-2021-23004
CVE-2021-23004 affects BIG-IP MPTCP handling. Affects BIG-IP versions including 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3. The issue allows creation of Multipath TCP (MPTCP) forwarding flows on ...
CVE-2021-22999
CVE-2021-22999 affects BIG-IP HTTP/2 profiles: when an HTTP/2 client closes a slow connection, the system may indefinitely retain streams, causing a memory leak and potential DoS. Affected versions include 15.0.x before 15.1.0 and 14.1.x before 14.1.4; remediation involves upgrading to non‑vulner...
CVE-2021-23000
CVE-2021-23000 affects F5 BIG-IP TMM on affected BIG-IP versions (13.1.3.4–13.1.3.6 and 12.1.5.2). A sequence of malicious requests can trigger a restart of TMM when the tmm.http.rfc.enforcement BigDB key is enabled or the AFM HTTP security profile’s Bad host header check is used. Impact per the ...
CVE-2020-5913
CVE-2020-5913 affects F5 BIG-IP: the BIG-IP Client or Server SSL profile ignores revoked certificates even when a valid CRL is present, enabling potential MITM in SSL/TLS connections. Affected versions include 11.6.1–11.6.5.2, 12.1.0–12.1.5.1, 13.1.0–13.1.3.4, 14.1.0–14.1.2.3, and 15.0.0–15.1.0.1...
CVE-2021-23003
CVE-2021-23003 affects BIG-IP Traffic Management Microkernel (TMM) across multiple releases. The TMM may produce a core file when undisclosed MPTCP traffic passes through a standard virtual server. Vulnerable versions include BIG-IP 16.0.0–16.0.1, 15.1.x up to 15.1.1, 14.1.x up to 14.1.3.1, 13.1....
CVE-2019-6630
The CVE-2019-6630 entry applies to F5 SSL Orchestrator, specifically versions 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, where undisclosed traffic flow can cause the Traffic Management Microkernel (TMM) to restart under certain circumstances. This may disrupt service for deployments using transparent p...
CVE-2020-5922
CVE-2020-5922 affects F5 BIG-IP iControl REST: vulnerable when using Basic Authentication in a browser due to missing CSRF protections. Impact described as that an attacker could run malicious actions in the context of an authenticated user, with higher risk for admins who can access bash and pot...
CVE-2019-6627
F5 SSL Orchestrator CVE-2019-6627 involves a race-condition in TMM that may restart the engine when SSL Forward Proxy enforces bypass on a transparent virtual server with SNAT enabled. Affected releases include 14.1.0 – 14.1.0.5; the advisory indicates fixes introduced in 14.1.0.6. Impact is traf...
CVE-2021-23001
CVE-2021-23001 affects BIG-IP Advanced WAF/ASM; an authenticated user can upload files via an undisclosed iControl REST endpoint, potentially exhausting disk space or enabling later attacks. Affected versions include 16.0.0–16.0.1, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x. Remediation: upgrade ...
CVE-2020-5912
CVE-2020-5912 affects F5 BIG-IP restjavad dump command. A locally authenticated attacker may overwrite arbitrary files in several BIG-IP releases. Affected: BIG-IP 11.6.1–11.6.5.1, 12.1.0–12.1.5.1, 13.1.0–13.1.3.3, 14.1.0–14.1.2.3, 15.0.0–15.0.1.3, 15.1.0–15.1.0.4. Remediation: upgrade to non‑vul...
CVE-2020-5916
CVE-2020-5916 affects F5 BIG-IP: certificates admin and higher privileged roles can read arbitrary files outside the web root via the BIG-IP Configuration utility. Affects BIG-IP versions 15.1.0–15.1.0.4 and 15.0.0–15.0.1. The root cause is improper enforcement of file read permissions in the Con...
CVE-2020-5938
The CVE concerns F5 BIG-IP IPsec negotiation where, during tunnel setup with authenticated peers, the peer may agree on a key length outside the BIG-IP‑configured policy. Affected BIG‑IP versions: 11.6.1–11.6.5.2, 12.1.0–12.1.5.x, and 13.1.0–13.1.3.4. The vulnerability can lead to weaker-than-con...
CVE-2019-6674
The CVE affects F5 SSL Orchestrator’s Traffic Management Microkernel (TMM) and may crash when processing SSLO data in a service-chaining configuration. Affected versions are 15.0.0–15.0.1 and 14.0.0–14.1.2; remediation is to upgrade to fixed releases: 15.1.0 for 15.x and 14.1.2.1 for 14.x. Docume...
CVE-2017-6130
CVE-2017-6130 affects F5 SSL Intercept iApp 1.5.0–1.5.7 and SSL Orchestrator 2.0 when deployed with SNAT Automap and Dynamic Domain Bypass (DDB). The root cause is Server-Side Request Forgery (SSRF) allowing remote attacker to abuse egress routing, with CVSS v3.0 base score 7.3 (from F5 advisory)...