Search Results

Search Parameters:
  • Keyword (text search): cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 49 matching records.
Displaying matches 41 through 49.
Vuln ID Summary CVSS Severity

On BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files (such as /etc/passwd) using SFTP to modify user permissions, without Advanced Shell access. This is contrary to our definition for the Resource Administrator (RA) role restrictions.

Published: May 03, 2019; 4:29:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 5.5 MEDIUM

On BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8, administrative users with TMSH access can overwrite critical system files on BIG-IP which can result in bypass of whitelist / blacklist restrictions enforced by appliance mode.

Published: May 03, 2019; 4:29:01 PM -0400
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM

On BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems.

Published: May 03, 2019; 4:29:01 PM -0400
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM

On BIG-IP 14.0.0-, 13.0.0-, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. An authenticated attacker with a high privilege level may be able to bypass protections implemented in appliance mode to overwrite arbitrary system files.

Published: May 03, 2019; 4:29:01 PM -0400
V3.0: 4.9 MEDIUM
V2.0: 5.5 MEDIUM

When BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8 are processing certain rare data sequences occurring in PPTP VPN traffic, the BIG-IP system may execute incorrect logic. The TMM may restart and produce a core file as a result of this condition. The BIG-IP system provisioned with the CGNAT module and configured with a virtual server using a PPTP profile is exposed to this vulnerability.

Published: May 03, 2019; 2:29:01 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM

Platform-dependent weakness. This issue only impacts iSeries platforms. On these platforms, in BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) versions 14.0.0-, 13.0.0-, and 12.1.1 HF2-12.1.4, the secureKeyCapable attribute was not set, which causes secure vault to not use the F5 hardware support to store the unit key. Instead, the unit key is stored in plaintext on disk, as would be the case for Z100 systems. Additionally, this causes the unit key to be stored in UCS files taken on these platforms.

Published: April 15, 2019; 11:29:00 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 5.0 MEDIUM

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

Published: February 20, 2019; 11:29:00 AM -0500
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

Published: February 15, 2019; 10:29:00 AM -0500
V3.0: 8.1 HIGH
V2.0: 6.8 MEDIUM

On versions 11.2.1 and greater, unrestricted Snapshot File Access allows a BIG-IP system user with any role, including the Guest role, to access and download previously generated snapshot files available in the BIG-IP configuration utility, such as QKView and TCPDumps.

Published: December 28, 2018; 10:29:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW