|
|
F5 : Security Vulnerabilities (CVSS score between 1 and 3.99)
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-6633 |
|
|
Bypass |
2019-07-03 |
2020-08-24 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4, when the BIG-IP system is licensed with Appliance mode, user accounts with Administrator and Resource Administrator roles can bypass Appliance mode restrictions. |
|
2 |
CVE-2019-6635 |
|
|
Bypass |
2019-07-03 |
2020-08-24 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, when the BIG-IP system is licensed for Appliance mode, a user with either the Administrator or the Resource Administrator role can bypass Appliance mode restrictions. |
|
3 |
CVE-2019-6679 |
59 |
|
|
2019-12-23 |
2020-01-02 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. This allows authenticated users with SCP access to overwrite certain configuration files that would otherwise be restricted. |
|
4 |
CVE-2020-5912 |
20 |
|
|
2020-08-26 |
2021-07-21 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the restjavad process's dump command does not follow current best coding practices and may overwrite arbitrary files. |
|
5 |
CVE-2016-5236 |
79 |
|
XSS |
2019-07-01 |
2019-07-02 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe Alert Server, allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature. |
|
6 |
CVE-2016-7467 |
20 |
|
|
2017-04-11 |
2017-07-12 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
|
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authentication request from an authenticated user is sent via the SP connector. |
|
7 |
CVE-2016-7469 |
79 |
|
XSS |
2017-06-09 |
2019-06-06 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable. |
|
8 |
CVE-2017-0302 |
118 |
|
|
2017-05-09 |
2017-07-08 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
|
In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters. |
|
9 |
CVE-2018-5520 |
863 |
|
|
2018-05-02 |
2020-08-24 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources. |
|
10 |
CVE-2018-5528 |
20 |
|
|
2018-06-27 |
2018-08-31 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
|
Under certain conditions, TMM may restart and produce a core file while processing APM data on BIG-IP 13.0.1 or 13.1.0.4-13.1.0.7. |
|
11 |
CVE-2019-6591 |
79 |
|
XSS |
2019-02-05 |
2019-02-06 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. |
|
12 |
CVE-2019-6639 |
79 |
|
XSS |
2019-07-03 |
2019-07-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
On BIG-IP (AFM, PEM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, an undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting (XSS) issue. This is a control plane issue only and is not accessible from the data plane. The attack requires a malicious resource administrator to store the XSS. |
|
13 |
CVE-2019-6653 |
79 |
|
XSS |
2019-09-25 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
There is a Stored Cross Site Scripting vulnerability in the undisclosed page of a BIG-IQ 6.0.0-6.1.0 or 5.2.0-5.4.0 system. The attack can be stored by users granted the Device Manager and Administrator roles. |
|
14 |
CVE-2019-19150 |
532 |
|
|
2019-12-23 |
2019-12-30 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP APM system logs the client-session-id when a per-session policy is attached to the virtual server with debug logging enabled. |
|
15 |
CVE-2020-5853 |
79 |
|
XSS |
2020-01-14 |
2020-01-17 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, when backend servers serve HTTP pages with special JavaScript code, this can lead to internal portal access name conflict. |
|
16 |
CVE-2020-5889 |
79 |
|
XSS |
2020-04-30 |
2020-05-05 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal access, a specially crafted HTTP request can lead to reflected XSS after the BIG-IP APM system rewrites the HTTP response from the untrusted backend server and sends it to the client. |
|
17 |
CVE-2020-5932 |
79 |
|
Exec Code XSS |
2020-10-29 |
2020-11-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting (XSS) vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed when preview is opened. |
|
18 |
CVE-2020-5940 |
79 |
|
XSS |
2020-11-05 |
2020-11-12 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility. |
|
19 |
CVE-2020-27722 |
400 |
|
|
2020-12-24 |
2020-12-28 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
|
In BIG-IP APM versions 15.0.0-15.0.1.3, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption. |
|
20 |
CVE-2020-27725 |
772 |
|
|
2020-12-24 |
2021-07-21 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
|
In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this vulnerability. |
|
21 |
CVE-2021-22983 |
79 |
|
XSS |
2021-02-12 |
2021-02-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
On BIG-IP AFM version 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.5, authenticated users accessing the Configuration utility for AFM are vulnerable to a cross-site scripting attack if they attempt to access a maliciously-crafted URL. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. |
|
22 |
CVE-2021-23038 |
79 |
|
XSS |
2021-09-14 |
2021-09-27 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
|
23 |
CVE-2021-23046 |
532 |
|
|
2021-09-14 |
2021-09-24 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
|
24 |
CVE-2022-27662 |
1336 |
|
|
2022-05-05 |
2022-05-13 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context of the server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
|
25 |
CVE-2022-27880 |
79 |
|
XSS |
2022-05-05 |
2022-05-12 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
|
26 |
CVE-2022-28707 |
79 |
|
XSS |
2022-05-05 |
2022-05-12 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility (also referred to as the BIG-IP TMUI) that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
|
27 |
CVE-2017-6134 |
20 |
|
|
2017-12-21 |
2018-01-12 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, 12.1.0 - 12.1.2 and 11.5.1 - 11.6.1, an undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash. |
|
28 |
CVE-2019-6654 |
20 |
|
|
2019-09-25 |
2019-09-26 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
Partial |
None |
|
On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC 1812 section 5.3.7) on the control plane (management interface). This may allow attackers on an adjacent system to force BIG-IP into processing packets with spoofed source addresses. |
|
29 |
CVE-2020-5888 |
|
|
Bypass |
2020-04-30 |
2020-05-06 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
|
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for adjacent network (layer 2) attackers to access local daemons and bypass port lockdown settings. |
|
30 |
CVE-2020-5928 |
352 |
|
CSRF |
2020-08-26 |
2020-09-02 |
3.3 |
None |
Local |
Medium |
Not required |
None |
Partial |
Partial |
|
In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, BIG-IP ASM Configuration utility CSRF protection token can be reused multiple times. |
|
31 |
CVE-2020-5934 |
|
|
|
2020-10-29 |
2020-11-09 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
On BIG-IP APM 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when multiple HTTP requests from the same client to configured SAML Single Logout (SLO) URL are passing through a TCP Keep-Alive connection, traffic to TMM can be disrupted. |
|
32 |
CVE-2022-27495 |
306 |
|
|
2022-05-05 |
2022-05-13 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
Partial |
None |
|
On all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
|
33 |
CVE-2017-6161 |
400 |
|
Bypass |
2017-10-27 |
2017-11-16 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion. |
|
34 |
CVE-2021-23002 |
|
|
|
2021-03-31 |
2021-04-05 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
|
When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, or 7.1.8.x before 7.1.8.5, the session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. |
|
35 |
CVE-2006-3550 |
|
|
XSS |
2006-07-13 |
2018-10-18 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in F5 Networks FirePass 4100 5.x allow remote attackers to inject arbitrary web script or HTML via unspecified "writable form fields and hidden fields," including "authentication frontends." |
|
36 |
CVE-2007-6704 |
79 |
|
XSS |
2008-03-05 |
2018-10-15 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3. |
|
37 |
CVE-2018-5537 |
20 |
|
|
2018-07-25 |
2018-09-19 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end. |
|
38 |
CVE-2020-5929 |
|
|
|
2020-09-25 |
2021-07-21 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability. |
|
39 |
CVE-2014-4027 |
200 |
|
+Info |
2014-06-23 |
2020-08-21 |
2.3 |
None |
Local Network |
Medium |
??? |
Partial |
None |
None |
|
The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. |
|
40 |
CVE-2018-5518 |
|
|
|
2018-05-02 |
2019-10-03 |
2.3 |
None |
Local Network |
Medium |
??? |
None |
None |
Partial |
|
On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjacent VCMP guest to restart and produce a core file. This issue is only exploitable on a VCMP guest which is operating in "host-only" or "bridged" mode. VCMP guests which are "isolated" are not impacted by this issue and do not provide mechanism to exploit the vulnerability. Guests which are deployed in "Appliance Mode" may be impacted however the exploit is not possible from an Appliance Mode guest. To exploit this vulnerability root access on a guest system deployed as "host-only" or "bridged" mode is required. |
|
41 |
CVE-2016-6249 |
200 |
|
+Info |
2017-02-20 |
2017-07-25 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by reading these files. |
|
42 |
CVE-2016-7474 |
200 |
|
+Info |
2017-03-27 |
2019-06-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information. |
|
43 |
CVE-2017-6152 |
269 |
|
|
2018-03-08 |
2019-10-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password. |
|
44 |
CVE-2018-5540 |
732 |
|
|
2018-07-19 |
2019-10-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up. |
|
45 |
CVE-2018-15316 |
|
|
Bypass |
2018-10-19 |
2019-10-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks. |
|
46 |
CVE-2018-15333 |
434 |
|
|
2018-12-28 |
2019-10-23 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG-IP configuration utility such as QKView and TCPDumps. |
|
47 |
CVE-2019-6601 |
269 |
|
|
2019-03-13 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager (AAM) wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts. |
|
48 |
CVE-2019-6632 |
310 |
|
|
2019-07-03 |
2021-07-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to encrypted configuration and/or UCS files. |
|
49 |
CVE-2019-6670 |
312 |
|
|
2019-11-27 |
2019-12-12 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem. |
|
50 |
CVE-2019-19151 |
269 |
|
|
2019-12-23 |
2019-12-31 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed. |
Total number of vulnerabilities : 60
Page :
1
(This Page) 2
|
|
