Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0:*:*:*:*:*:*:*
There are 105 matching records.
Displaying matches 101 through 105.
Vuln ID Summary CVSS Severity

On F5 BIG-IP 13.1.0-, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.

Published: May 02, 2018; 9:29:00 AM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM

On F5 BIG-IP 13.1.0-, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart.

Published: May 02, 2018; 9:29:00 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.8 HIGH

On F5 BIG-IP 13.1.0- or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.

Published: April 13, 2018; 9:29:00 AM -0400
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM

In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - or 12.1.0 -

Published: March 22, 2018; 2:29:00 PM -0400
V3.0: 8.1 HIGH
V2.0: 9.3 HIGH

On F5 BIG-IP versions 13.0.0 -, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Client SSL profile. There is no control plane exposure.

Published: March 22, 2018; 2:29:00 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM