Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-3587 |
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929. Published: February 21, 2020; 1:15:11 PM -0500 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2014-5209 |
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information. Published: January 07, 2020; 8:15:09 PM -0500 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-6646 |
On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges. Published: September 04, 2019; 2:15:11 PM -0400 |
V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2019-6605 |
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service. Published: March 28, 2019; 5:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-7475 |
Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles. Published: October 08, 2018; 3:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-5522 |
On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash. Published: June 01, 2018; 10:29:00 AM -0400 |
V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-5518 |
On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjacent VCMP guest to restart and produce a core file. This issue is only exploitable on a VCMP guest which is operating in "host-only" or "bridged" mode. VCMP guests which are "isolated" are not impacted by this issue and do not provide mechanism to exploit the vulnerability. Guests which are deployed in "Appliance Mode" may be impacted however the exploit is not possible from an Appliance Mode guest. To exploit this vulnerability root access on a guest system deployed as "host-only" or "bridged" mode is required. Published: May 02, 2018; 9:29:00 AM -0400 |
V3.0: 5.4 MEDIUM V2.0: 2.3 LOW |
CVE-2017-6158 |
In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses. Published: April 13, 2018; 9:29:00 AM -0400 |
V3.0: 6.5 MEDIUM V2.0: 6.4 MEDIUM |
CVE-2017-6148 |
Responses to SOCKS proxy requests made through F5 BIG-IP version 13.0.0, 12.0.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5 may cause a disruption of services provided by TMM. The data plane is impacted and exposed only when a SOCKS proxy profile is attached to a Virtual Server. The control plane is not impacted by this vulnerability. Published: April 13, 2018; 9:29:00 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-6164 |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system. Published: December 21, 2017; 12:29:00 PM -0500 |
V3.0: 8.1 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-6140 |
On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 4450 blades, running version 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 or 12.1.2 of BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM or PEM, an undisclosed sequence of packets sent to Virtual Servers with client or server SSL profiles may cause disruption of data plane services. Published: December 21, 2017; 12:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-6132 |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart. Published: December 21, 2017; 12:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-6166 |
In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device. Published: November 22, 2017; 11:29:00 AM -0500 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-6168 |
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack. Published: November 17, 2017; 2:29:00 PM -0500 |
V3.0: 7.4 HIGH V2.0: 4.3 MEDIUM |
CVE-2017-6163 |
In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed. Published: October 27, 2017; 10:29:00 AM -0400 |
V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-6162 |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group, it will trigger a failover to the peer device. Published: October 27, 2017; 10:29:00 AM -0400 |
V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-6161 |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion. Published: October 27, 2017; 10:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-6160 |
In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel (TMM) to restart and temporarily fail to process traffic. This issue is exposed on virtual servers using a Policy Enforcement profile or a Web Acceleration profile. Systems that do not have BIG-IP AAM module provisioned are not vulnerable. The Traffic Management Microkernel (TMM) may restart and temporarily fail to process traffic. Systems that do not have BIG-IP AAM or PEM module provisioned are not vulnerable. Published: October 27, 2017; 10:29:00 AM -0400 |
V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-6159 |
F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server. Data plane is vulnerable when using the MPTCP option of a TCP profile. There is no control plane exposure. An attacker may be able to disrupt services by causing TMM to restart hence temporarily failing to process traffic. Published: October 27, 2017; 10:29:00 AM -0400 |
V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-6157 |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or possible remote command execution on the BIG-IP system. Published: October 27, 2017; 10:29:00 AM -0400 |
V3.0: 8.1 HIGH V2.0: 6.8 MEDIUM |