Latest f5 big-ip edge gateway Vulnerabilities

Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 70 more
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process.  This vulnerability is due to an incomplete fix for CVE-2023-38418. ...
F5 BIG-IP Access Policy Manager>=7.2.3<7.2.4.4
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 72 more
When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or i...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 70 more
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables.  Note: Software versions which have reached End of Technical Support (EoTS) are not evalua...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 71 more
When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 70 more
When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual ser...
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4.1
F5 BIG-IP Access Policy Manager=17.1.0
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.4.1
F5 BIG-IP Advanced Firewall Manager=17.1.0
F5 Big-ip Advanced Web Application Firewall>=16.1.0<16.1.4.1
F5 Big-ip Advanced Web Application Firewall=17.1.0
and 33 more
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 70 more
A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.5
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 89 more
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account.  The predictable nature of the password allows an authenticated user with...
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.4
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.4
F5 BIG-IP Access Policy Manager=15.1.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.4
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.4
F5 BIG-IP Advanced Firewall Manager=15.1.0
and 73 more
A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which allows an attacker to run JavaScript in the context of the currently logge...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.5
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 89 more
An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.  Note: Software versions which have reached End of Technical...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.5
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 90 more
When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization.   Note: Software versions which have reached End of T...
F5 BIG-IP Access Policy Manager=14.1.5
F5 BIG-IP Access Policy Manager=15.1.4.1
F5 BIG-IP Access Policy Manager=16.1.2
F5 BIG-IP Advanced Firewall Manager=14.1.5
F5 BIG-IP Advanced Firewall Manager=15.1.4.1
F5 BIG-IP Advanced Firewall Manager=16.1.2
and 52 more
Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8.2
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.4
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 89 more
When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate.  Note: Software versions which have reached End o...
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8.2
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.4
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5.4
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.8.2
and 70 more
A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which may allow an authenticated attacker to read files with .xml extension. Access to restricted ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8.2
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.4
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 89 more
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT (QuickAssist Technology) and the AE...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.7
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5.1
and 70 more
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-expo...
Balasys Dheater
Siemens Scalance W1750d Firmware
Siemens Scalance W1750d
SUSE Linux Enterprise Server=11
SUSE Linux Enterprise Server=12
SUSE Linux Enterprise Server=15
and 80 more
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI...
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.1
F5 BIG-IP Access Policy Manager>=16.0.0<16.0.1
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.2.4
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.1
F5 BIG-IP Advanced Firewall Manager>=16.0.0<16.0.1
and 33 more
In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed meth...
F5 BIG-IP Access Policy Manager>=11.6.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.4
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.8
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.0.5
F5 BIG-IP Advanced Firewall Manager>=11.6.1<=11.6.5
and 62 more
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an undisclosed TMUI page contains a vulnerability which allows a stored XSS...
F5 BIG-IP Access Policy Manager>=11.6.1<11.6.5.2
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.2
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.4
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.5
F5 BIG-IP Access Policy Manager>=15.0.0<15.0.1.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.0.5
and 72 more
In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow attackers to obtain the full session ID from process memory.
F5 Big-ip Access Policy Manager>=11.6.1<=11.6.5
F5 Big-ip Access Policy Manager>=12.1.0<=12.1.5
F5 Big-ip Access Policy Manager>=13.0.0<=13.1.3
F5 Big-ip Access Policy Manager>=14.0.0<=14.1.2
F5 Big-ip Access Policy Manager>=15.0.0<=15.1.0
F5 Big-ip Access Policy Manager Client>=7.1.5<=7.1.8
and 5 more
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, when a virtual server is configured with HTTP explicit proxy and has an attached HTTP_PROXY_REQUEST iRule, POST requests s...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3.1
F5 BIG-IP Access Policy Manager>=14.0.0<=14.0.1
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.2.3
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1.3
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.3.1
F5 BIG-IP Advanced Firewall Manager>=14.0.0<=14.0.1
and 34 more
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings.
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.2.3
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1.2
F5 BIG-IP Access Policy Manager>=15.1.0<=15.1.0.1
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.2.3
F5 BIG-IP Advanced Firewall Manager>=15.0.0<=15.0.1.2
F5 BIG-IP Advanced Firewall Manager>=15.1.0<=15.1.0.1
and 33 more
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5, and 11.6.1-11.6.5.1, under certain conditions, the Intel QuickAssist Technology (QAT) cryptography driver may produce a Traf...
F5 BIG-IP Access Policy Manager>=11.6.1<=11.6.5.1
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3.3
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.2.3
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1.3
F5 BIG-IP Advanced Firewall Manager>=11.6.1<=11.6.5.1
and 59 more
On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest o...
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3
and 62 more
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, undisclosed HTTP behavior may lead to a denial of service.
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.2
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
F5 BIG-IP Advanced Firewall Manager>=11.5.2<=11.6.5
and 59 more
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle at...
F5 BIG-IP Access Policy Manager>=10.1.0<=10.2.4
F5 BIG-IP Access Policy Manager>=11.0.0<=11.6.1
F5 BIG-IP Access Policy Manager>=12.0.0<=12.1.2
F5 BIG-IP Access Policy Manager=13.0.0
F5 BIG-IP Advanced Firewall Manager>=11.3.0<=11.6.1
F5 BIG-IP Advanced Firewall Manager>=12.0.0<=12.1.2
and 39 more
On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specif...
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.1
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.2
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.1.1
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.1
F5 BIG-IP Access Policy Manager>=15.0.0<15.1.0
and 78 more
On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotf...
F5 Big-ip Local Traffic Manager=14.1.0.2.0.45.4
F5 Big-ip Local Traffic Manager=14.1.0.2.0.62.4
F5 Big-ip 2800
F5 Big-ip I10600
F5 Big-ip I10800
F5 Big-ip I11600
and 35 more
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
NTP ntp=4.2.7-p25
F5 BIG-IP Access Policy Manager>=10.2.1<=10.2.4
F5 BIG-IP Access Policy Manager>=11.4.0<=11.6.4
F5 BIG-IP Access Policy Manager>=12.0.0<=12.1.4
F5 BIG-IP Access Policy Manager>=13.0.0<=13.1.1
F5 BIG-IP Access Policy Manager>=14.0.0<=14.1.0
and 71 more
On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Man...
F5 BIG-IQ Centralized Management>=5.0.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
F5 BIG-IP Access Policy Manager>=11.5.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.0.0<=13.1.3
and 64 more
On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an...
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.2
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.1.1
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.3
F5 BIG-IP Access Policy Manager>=15.0.0<15.1.0
and 72 more
On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secr...
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IP Access Policy Manager>=11.5.2<11.6.5.1
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.2
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.1.1
and 74 more
On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subjec...
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.1.1
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.3
F5 BIG-IP Access Policy Manager>=15.0.0<15.1.0
and 72 more
On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.bl...
F5 BIG-IP Access Policy Manager>=11.5.9<=11.5.10
F5 BIG-IP Access Policy Manager>=11.6.4<11.6.5.1
F5 BIG-IP Access Policy Manager>=12.1.4.1<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.1.5<13.1.3.2
F5 BIG-IP Access Policy Manager>=14.0.0.5<14.0.1.1
F5 BIG-IP Access Policy Manager>=14.1.0.2<14.1.2.3
and 85 more
On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, the TMM process may restart when the packet filter feature is enabled.
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.2
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.1.1
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.3
F5 BIG-IP Access Policy Manager>=15.0.0<15.0.1.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.3.2
F5 BIG-IP Advanced Firewall Manager>=14.0.0<14.0.1.1
and 46 more
On versions 15.0.0-15.0.1, 14.0.0-14.1.2.2, and 13.1.0-13.1.3.1, TMM may restart on BIG-IP Virtual Edition (VE) when using virtio direct descriptors and packets 2 KB or larger.
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.2
F5 BIG-IP Access Policy Manager>=14.0.0<14.1.2.3
F5 BIG-IP Access Policy Manager>=15.0.0<15.0.1.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.3.2
F5 BIG-IP Advanced Firewall Manager>=14.0.0<14.1.2.3
F5 BIG-IP Advanced Firewall Manager>=15.0.0<15.0.1.1
and 33 more
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, undisclosed traffic flow may cause TMM to restart under some circumstances.
F5 BIG-IP Access Policy Manager>=11.5.1<=11.6.5.1
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3.1
F5 BIG-IP Access Policy Manager>=14.0.0<=14.0.1
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.2
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
and 72 more
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, and 13.1.0-13.1.1.4, the TMM process may produce a core file when an upstream server or cache sends the BIG-IP an invalid age header value.
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.1.4
F5 BIG-IP Access Policy Manager>=14.0.0<=14.0.0.4
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.0.5
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.1.4
F5 BIG-IP Advanced Firewall Manager>=14.0.0<=14.0.0.4
and 46 more
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic fo...
F5 BIG-IP Access Policy Manager>=11.5.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.4.1
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.1.5
F5 BIG-IP Access Policy Manager>=14.0.0<=14.0.0.4
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.0.5
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
and 72 more
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the ...
F5 BIG-IP Access Policy Manager>=11.5.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3.1
F5 BIG-IP Access Policy Manager>=14.0.0<=14.0.1
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.2
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
and 72 more
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, under certain conditions tmm may leak memory when processing packet fragments, leading to resource starvation.
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3.1
F5 BIG-IP Access Policy Manager>=14.0.0<=14.0.1
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.2
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.3.1
F5 BIG-IP Advanced Firewall Manager>=14.0.0<=14.0.1
and 46 more
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.0.0<=13.1.3
F5 BIG-IP Access Policy Manager>=14.0.0<=14.1.2
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
F5 BIG-IP Advanced Firewall Manager>=11.5.2<=11.6.5
and 64 more
On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2
F5 BIG-IP Access Policy Manager=15.0.0
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.2
F5 BIG-IP Advanced Firewall Manager=15.0.0
F5 BIG-IP Analytics>=14.1.0<14.1.2
F5 BIG-IP Analytics=15.0.0
and 20 more
On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.1.1
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.3
F5 BIG-IP Advanced Firewall Manager>=14.0.0<14.0.1.1
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.2.1
and 33 more
On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would ...
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.1.5
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.1.5
F5 BIG-IP Analytics>=13.1.0<13.1.1.5
F5 Big-ip Application Acceleration Manager>=13.1.0<13.1.1.5
F5 BIG-IP Application Security Manager>=13.1.0<13.1.1.5
F5 Big-ip Domain Name System>=13.1.0<13.1.1.5
and 7 more
On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI)...
F5 BIG-IP Advanced Firewall Manager>=11.5.2<=11.6.5
F5 BIG-IP Advanced Firewall Manager>=12.1.0<=12.1.5
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.3
F5 Big-ip Local Traffic Manager>=11.5.2<=11.6.5
F5 Big-ip Local Traffic Manager>=12.1.0<=12.1.5
F5 Big-ip Local Traffic Manager>=13.1.0<=13.1.3
and 33 more
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12...
F5 Big-ip Local Traffic Manager>=11.5.2<=11.5.9
F5 Big-ip Local Traffic Manager>=11.6.1<=11.6.4
F5 Big-ip Local Traffic Manager>=12.1.0<=12.1.4
F5 Big-ip Local Traffic Manager>=13.1.0<=13.1.1
F5 Big-ip Local Traffic Manager=14.0.0
F5 Big-ip Local Traffic Manager=14.1.0
and 103 more
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conserva...
F5 Big-ip Local Traffic Manager>=11.5.2<=11.6.5
F5 Big-ip Local Traffic Manager>=12.1.0<=12.1.4
F5 Big-ip Local Traffic Manager>=13.0.0<=13.1.1
F5 Big-ip Local Traffic Manager>=14.0.0<=14.1.0
F5 Big-ip Local Traffic Manager=15.0.0
F5 Big-ip Application Acceleration Manager>=11.5.2<=11.6.5
and 73 more
tcpdump. Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1
ubuntu/tcpdump<4.9.3-0ubuntu0.18.04.1
ubuntu/tcpdump<4.9.3-0ubuntu0.14.04.1+
ubuntu/tcpdump<4.9.3
ubuntu/tcpdump<4.9.3-0ubuntu0.16.04.1
Tcpdump Tcpdump<4.9.3
Apple Mac OS X<10.15.2
and 165 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203