Search Results (Refine Search)
- CPE Product Version: cpe:/a:f5:big-ip_domain_name_system:11.5.2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-6158 |
In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses. Published: April 13, 2018; 9:29:00 AM -0400 |
V3.0: 6.5 MEDIUM V2.0: 6.4 MEDIUM |
CVE-2017-6156 |
When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must possess the necessary credentials to negotiate the phase 1 of the IPSec exchange to exploit this vulnerability; in many environment this limits the attack surface to other endpoints under the same administration. Published: April 13, 2018; 9:29:00 AM -0400 |
V3.0: 6.4 MEDIUM V2.0: 6.0 MEDIUM |
CVE-2017-6161 |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion. Published: October 27, 2017; 10:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-6165 |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file. Published: October 20, 2017; 11:29:00 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 5.0 MEDIUM |