Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0.6.0.70.9:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-6685 |
On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. Published: December 23, 2019; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2019-6684 |
On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack. Published: December 23, 2019; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-6683 |
On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subject to excessive flow usage under undisclosed conditions. Published: December 23, 2019; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 4.3 MEDIUM |
CVE-2019-6680 |
On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5, while processing traffic through a standard virtual server that targets a FastL4 virtual server (VIP on VIP), hardware appliances may stop responding. Published: December 23, 2019; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2019-6679 |
On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. This allows authenticated users with SCP access to overwrite certain configuration files that would otherwise be restricted. Published: December 23, 2019; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 3.3 LOW V2.0: 3.6 LOW |
CVE-2019-19150 |
On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP APM system logs the client-session-id when a per-session policy is attached to the virtual server with debug logging enabled. Published: December 23, 2019; 1:15:10 PM -0500 |
V4.0:(not available) V3.1: 4.9 MEDIUM V2.0: 3.5 LOW |
CVE-2019-6678 |
On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, the TMM process may restart when the packet filter feature is enabled. Published: December 23, 2019; 12:15:12 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-6677 |
On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, under certain conditions when using custom TCP congestion control settings in a TCP profile, TMM stops processing traffic when processed by an iRule. Published: December 23, 2019; 12:15:12 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-6676 |
On versions 15.0.0-15.0.1, 14.0.0-14.1.2.2, and 13.1.0-13.1.3.1, TMM may restart on BIG-IP Virtual Edition (VE) when using virtio direct descriptors and packets 2 KB or larger. Published: December 23, 2019; 12:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-11109 |
Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access. Published: December 18, 2019; 5:15:13 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-6673 |
On versions 15.0.0-15.0.1 and 14.0.0-14.1.2, when the BIG-IP is configured in HTTP/2 Full Proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel (TMM). Published: November 27, 2019; 5:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 4.3 MEDIUM |
CVE-2019-6671 |
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, under certain conditions tmm may leak memory when processing packet fragments, leading to resource starvation. Published: November 27, 2019; 5:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-6670 |
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem. Published: November 27, 2019; 5:15:11 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2019-6669 |
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, undisclosed traffic flow may cause TMM to restart under some circumstances. Published: November 27, 2019; 5:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-6664 |
On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices. Published: November 15, 2019; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-6663 |
The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack. Published: November 15, 2019; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-6661 |
When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources. Published: November 15, 2019; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-6660 |
On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service. Published: November 15, 2019; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-12207 |
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. Published: November 14, 2019; 3:15:11 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2018-14880 |
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). Published: October 03, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |