CVSS: 7.5EPSS: 0%CPEs: 65EXPL: 0CVE-2020-5857
https://notcve.org/view.php?id=CVE-2020-5857
27 Mar 2020 — On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, undisclosed HTTP behavior may lead to a denial of service. En BIG-IP versiones 15.0.0-15.0.1, 14.1.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5 y 11.5.2-11.6.5.1, un comportamiento HTTP no revelado puede conllevar a una denegación de servicio. • https://support.f5.com/csp/article/K70275209 •
CVSS: 5.9EPSS: 0%CPEs: 84EXPL: 0CVE-2020-5854
https://notcve.org/view.php?id=CVE-2020-5854
06 Feb 2020 — On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specific sequence of connections are made. En BIG-IP versiones 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5 y 11.6.0-11.6.5.1, el tmm se bloquea en determinadas circunstancias cuando se usa el perfil connector si una secuencia específica de conexiones es realizada. • https://support.f5.com/csp/article/K50046200 •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2020-5856
https://notcve.org/view.php?id=CVE-2020-5856
06 Feb 2020 — On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using the default 'xnet' driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart. En BIG-IP versiones 15.0.0-15.0.1.1 y 14.1.0-14.1.2.2, mientras se procesa el tráfico específicamente diseñado usando el controlador predeterminado "xnet", las instancias de Virtual Edition alojadas en Amazon Web Services (AWS) pueden experimentar un reinicio de TMM. • https://support.f5.com/csp/article/K00025388 •
CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 0CVE-2020-5852
https://notcve.org/view.php?id=CVE-2020-5852
14 Jan 2020 — Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel (TMM). This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. This issue only impacts specific engineering hotfixes. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. • https://support.f5.com/csp/article/K53590702 •
CVSS: 4.6EPSS: 0%CPEs: 221EXPL: 0CVE-2020-5851
https://notcve.org/view.php?id=CVE-2020-5851
14 Jan 2020 — On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotfixes and platforms. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.0.2.0.45.4-ENG Hotfix-BIGIP-14.1.0.2.0.62.4-ENG En las versiones y plataformas afectada... • https://support.f5.com/csp/article/K91171450 •
CVSS: 5.5EPSS: 0%CPEs: 70EXPL: 0CVE-2019-19151
https://notcve.org/view.php?id=CVE-2019-19151
23 Dec 2019 — On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed. En BI... • https://support.f5.com/csp/article/K21711352 • CWE-269: Improper Privilege Management •
CVSS: 4.3EPSS: 0%CPEs: 80EXPL: 0CVE-2019-6688
https://notcve.org/view.php?id=CVE-2019-6688
23 Dec 2019 — On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secret that was being used to encrypt a BIG-IP UCS backup file while sending SNMP query to the BIG-IP or BIG-IQ system, however the user can not access to the UCS files. En BIG-IP versiones 15.0.0 hasta 15.0.1.1, 14.1.0 hasta 14.1.2.2, 14.0.0 hasta 14.0.1, 13.1.0 hasta 13.1.3.1, 12.1.0 hasta 12.1.5 y 11.5.2 hasta 1... • https://support.f5.com/csp/article/K25607522 •
CVSS: 7.8EPSS: 0%CPEs: 78EXPL: 0CVE-2019-6685
https://notcve.org/view.php?id=CVE-2019-6685
23 Dec 2019 — On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. En BIG-IP versiones 15.0.0 hasta 15.0.1.1, 14.1.0 hasta 14.1.2.2, 14.0.0 hasta 14.0.1, 13.1.0 hasta 13.1.3.1, 12.1.0 hasta 12.1.5 y 11.5.2 hasta 11.6.5.1, los usuarios con acceso para editar iRules son capaces de crear ... • https://support.f5.com/csp/article/K30215839 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 55EXPL: 0CVE-2019-6684
https://notcve.org/view.php?id=CVE-2019-6684
23 Dec 2019 — On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack. En las versiones 15.0.0 hasta 15.0.1.1, 14.0.0 hasta 14.1.2.2, 13.1.0 hasta 13.1.3.1, 12.1.0 hasta 12.1.5 y 11.5.2 hasta 11... • https://support.f5.com/csp/article/K95117754 •
CVSS: 7.8EPSS: 0%CPEs: 66EXPL: 0CVE-2019-6680
https://notcve.org/view.php?id=CVE-2019-6680
23 Dec 2019 — On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5, while processing traffic through a standard virtual server that targets a FastL4 virtual server (VIP on VIP), hardware appliances may stop responding. En BIG-IP versiones 15.0.0 hasta 15.0.1, 14.1.0 hasta 14.1.2, 14.0.0 hasta 14.0.1, 13.1.0 hasta 13.1.3.2, 12.1.0 hasta 12.1.5 y 11.5.2 hasta 11.6.5, mientras procesa el tráfico mediante un servidor virtual estándar que apunta a un servidor virtua... • https://support.f5.com/csp/article/K53183580 •