4 results (0.009 seconds)

CVSS: 5.5EPSS: 0%CPEs: 74EXPL: 0

When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Cuando el reenvío de auditoría TACACS+ está configurado en el sistema BIG-IP o BIG-IQ, el secreto compartido se registra en texto plano en el audit log. Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se evalúan. • https://my.f5.com/manage/s/article/K06110200 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 6.5EPSS: 0%CPEs: 77EXPL: 0

The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Los sistemas BIG-IP y BIG-IQ no cifran cierta información confidencial escrita en las variables de la Base de Datos (DB). Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se evalúan. • https://my.f5.com/manage/s/article/K20850144 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 4.3EPSS: 0%CPEs: 96EXPL: 0

An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Un atacante autenticado con privilegios de invitado o superior puede provocar la finalización del proceso iControl SOAP mediante el envío de solicitudes no reveladas. Nota: No se evalúan las versiones de software que han alcanzado el fin del soporte técnico (EoTS). • https://my.f5.com/manage/s/article/K000133472 • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K000132719 • CWE-269: Improper Privilege Management CWE-434: Unrestricted Upload of File with Dangerous Type •