CVSS: 9.8EPSS: 0%CPEs: 143EXPL: 0CVE-2016-5022
https://notcve.org/view.php?id=CVE-2016-5022
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic. F5 BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.x en versiones anteriores a 11.2.1 HF16 y 11.3.0; BIG-IP GTM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1 HF1; BIG-IP PSM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x y 11.4.0 hasta la version 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 hasta la version 4.5.0; BIG-IQ Device 4.2.0 hasta la version 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0 y iWorkflow 2.0.0, cuando Packet Filtering está habilitado en servidores virtuales y posiblemente en direcciones IP automáticas, permite a atacantes remotos provocar una denegación de servicio (reinicio de Traffic Management Microkernel) y posiblemente tener otro impacto no especificado a través de tráfico de red manipulado. • http://www.securitytracker.com/id/1036709 http://www.securitytracker.com/id/1036710 https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html • CWE-284: Improper Access Control •
CVSS: 4.9EPSS: 0%CPEs: 136EXPL: 0CVE-2016-1497
https://notcve.org/view.php?id=CVE-2016-1497
The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors. La utilidad Configuration en sistemas F5 BIG-IP 11.0.x, 11.1.x, 11.2.x en versiones anteriores a11.2.1 HF16, 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 HF2, 1.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF1 permite a administradores remotos leer registros de acceso Access Policy Manager (APM) a través de vectores no especificados. • http://www.securityfocus.com/bid/92671 http://www.securitytracker.com/id/1036631 https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.5EPSS: 0%CPEs: 118EXPL: 0CVE-2015-8022
https://notcve.org/view.php?id=CVE-2015-8022
The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads. La utilidad Configuration en F5 BIG-IP LTM, Analytics, APM, ASM, GTM y Link Controller 11.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP AAM 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP AFM y PEM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP Edge Gateway, WebAccelerator y WOM 11.x en versiones anteriores a 11.2.1 HF16 y 11.3.0; y BIG-IP PSM 11.x en versiones anteriores a 11.2.1 HF16, 11.3.x y 11.4.x en versiones anteriores a 11.4.1 HF10 permite a usuarios remotos autenticados con ciertos permisos obtener privilegios aprovechando una sección de configuración de personalización Access Policy Manager que permite la carga de archivos. • http://www.securitytracker.com/id/1036627 https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 104EXPL: 0CVE-2016-5736
https://notcve.org/view.php?id=CVE-2016-5736
The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors. La configuración por defecto del listener de pares IPsec IKE en F5 BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.1 en versiones anteriores a HF16, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF2; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF2; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.1 en versiones anteriores a HF16; BIG-IP GTM 11.2.1 en versiones anteriores a HF16, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1; y BIG-IP PSM 11.4.0 hasta la versión 11.4.1 habilita indebidamente el objeto de configuración de pares anónimos IPsec IKE, lo que permite a atacantes remotos establecer una negociación IKE Phase 1 y posiblemente llevar a cabo ataques de fuerza bruta contra las negociaciones Phase 2 a través de vectores no especificados. • http://www.securitytracker.com/id/1036618 https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 140EXPL: 0CVE-2016-5020
https://notcve.org/view.php?id=CVE-2016-5020
F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script. F5 BIG-IP en versiones anteriores a 12.0.0 HF3 permite a usuarios remotos autenticados modificar la configuración de cuenta de usuarios con el rol Resource Administration y obtener privilegios a través de una secuencia de comandos de monitor Extended Application Verification (EAV) externa manipulada. • http://www.securityfocus.com/bid/91532 http://www.securitytracker.com/id/1036131 https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html • CWE-264: Permissions, Privileges, and Access Controls •