CVSS: 6.5EPSS: 0%CPEs: 33EXPL: 0CVE-2017-6134
https://notcve.org/view.php?id=CVE-2017-6134
21 Dec 2017 — In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, 12.1.0 - 12.1.2 and 11.5.1 - 11.6.1, an undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash. En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y WebSafe, en versiones de software 13.0.0, de la 12.1.0 a la 12.1.2 y de la 11.5.1 a la 11.6.1, una secuencia de paquetes no revelada cuyo origen es una red adyacente podría hacer que ... • http://www.securityfocus.com/bid/102466 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 88EXPL: 0CVE-2017-6132
https://notcve.org/view.php?id=CVE-2017-6132
21 Dec 2017 — In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart. En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y Websafe, en versiones de software 13.0.0, de la 12.0.0 a la 12.1.2, de la 11.6.0 a la 11.6.1 y de la 11.5.0 a ... • http://www.securityfocus.com/bid/102333 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 104EXPL: 0CVE-2017-6164
https://notcve.org/view.php?id=CVE-2017-6164
21 Dec 2017 — In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system. En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, ... • http://www.securitytracker.com/id/1040054 • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 27EXPL: 0CVE-2017-6168
https://notcve.org/view.php?id=CVE-2017-6168
17 Nov 2017 — On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack... • http://www.securityfocus.com/bid/101901 • CWE-203: Observable Discrepancy •
CVSS: 5.9EPSS: 0%CPEs: 43EXPL: 0CVE-2017-6159
https://notcve.org/view.php?id=CVE-2017-6159
27 Oct 2017 — F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server. Data plane is vulnerable when using the MPTCP option of a TCP profile. There is no control plane exposure. An attacker may be able to disrupt services by causing TMM to restart hence temporarily failing to process traffic. F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, G... • http://www.securityfocus.com/bid/101633 •
CVSS: 7.5EPSS: 0%CPEs: 92EXPL: 0CVE-2017-0303
https://notcve.org/view.php?id=CVE-2017-0303
27 Oct 2017 — In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections... • http://www.securityfocus.com/bid/101612 • CWE-459: Incomplete Cleanup •
CVSS: 5.9EPSS: 0%CPEs: 50EXPL: 0CVE-2017-6162
https://notcve.org/view.php?id=CVE-2017-6162
27 Oct 2017 — In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group, it will trigger a failover to the... • http://www.securityfocus.com/bid/101635 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 56EXPL: 0CVE-2017-6163
https://notcve.org/view.php?id=CVE-2017-6163
27 Oct 2017 — In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exp... • http://www.securityfocus.com/bid/101606 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 109EXPL: 0CVE-2017-6161
https://notcve.org/view.php?id=CVE-2017-6161
27 Oct 2017 — In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion. En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, A... • http://www.securityfocus.com/bid/101636 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 1%CPEs: 47EXPL: 0CVE-2017-6157
https://notcve.org/view.php?id=CVE-2017-6157
27 Oct 2017 — In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or possible remote command execution on the BIG-IP system. En F5 BIG-IP LTM, AAM, AFM, Analytics,... • http://www.securityfocus.com/bid/101634 •