NotCVE - vendor:"F5" product:"Big-ip Application Acceleration Manager" version:" >= 13.1.0 <= 13.1.5"

Page 26 of 253 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0

CVE-2018-5502

https://notcve.org/view.php?id=CVE-2018-5502

22 Mar 2018 — On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Client SSL profile. There is no control plane exposure. Desde la versión 13.0.0 hasta la 13.1.0.3 de F5 BIG-IP, los atacantes podrían ser capaces de interrumpir s... • http://www.securitytracker.com/id/1040561 • CWE-295: Improper Certificate Validation •

CVSS: 9.3EPSS: 3%CPEs: 25EXPL: 0

CVE-2018-5504

https://notcve.org/view.php?id=CVE-2018-5504

22 Mar 2018 — In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1. En algunas circunstancias, el TMM (Traffic Management Microkernel) no gestiona correctamente algunas peticiones/respuestas Websockets mal formadas. Esto permite que atacantes remotos provoquen u... • http://www.securitytracker.com/id/1040558 •

CVSS: 7.8EPSS: 1%CPEs: 15EXPL: 0

CVE-2018-5509

https://notcve.org/view.php?id=CVE-2018-5509

22 Mar 2018 — On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non TCP traffic. ... • http://www.securityfocus.com/bid/103504 • CWE-20: Improper Input Validation •

1...24 25 26