23 results (0.008 seconds)

CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 0

BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. La función de monitorización de BIG-IP puede permitir que un atacante eluda las restricciones de control de acceso, independientemente de la configuración de bloqueo de puertos. Nota: Las versiones de software que han alcanzado el fin del soporte técnico (EoTS) no se evalúan. • https://my.f5.com/manage/s/article/K000140061 • CWE-306: Missing Authentication for Critical Function •

CVSS: 8.7EPSS: 0%CPEs: 2EXPL: 0

In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K000138833 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 0

When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K000138477 • CWE-476: NULL Pointer Dereference •

CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 0

When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K05710614 • CWE CATEGORY •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K10438187 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •