CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2020-5856
https://notcve.org/view.php?id=CVE-2020-5856
On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using the default 'xnet' driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart. En BIG-IP versiones 15.0.0-15.0.1.1 y 14.1.0-14.1.2.2, mientras se procesa el tráfico específicamente diseñado usando el controlador predeterminado "xnet", las instancias de Virtual Edition alojadas en Amazon Web Services (AWS) pueden experimentar un reinicio de TMM. • https://support.f5.com/csp/article/K00025388 •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2020-5853
https://notcve.org/view.php?id=CVE-2020-5853
In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, when backend servers serve HTTP pages with special JavaScript code, this can lead to internal portal access name conflict. En el acceso al portal de BIG-IP APM en las versiones 15.0.0 hasta 15.1.0, 14.0.0 hasta 14.1.2.3, 13.1.0 hasta 13.1.3.2, 12.1.0 hasta 12.1.5 y 11.5.2 hasta 11.6.5.1, cuando los servidores de back-end sirven páginas HTTP con un código JavaScript especial, esto puede conllevar a un conflicto interno del nombre de acceso al portal. • https://support.f5.com/csp/article/K73183618 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 0CVE-2020-5852
https://notcve.org/view.php?id=CVE-2020-5852
Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel (TMM). This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. This issue only impacts specific engineering hotfixes. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. • https://support.f5.com/csp/article/K53590702 •
CVSS: 4.6EPSS: 0%CPEs: 221EXPL: 0CVE-2020-5851
https://notcve.org/view.php?id=CVE-2020-5851
On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotfixes and platforms. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.0.2.0.45.4-ENG Hotfix-BIGIP-14.1.0.2.0.62.4-ENG En las versiones y plataformas afectadas, la comprobación de integridad del sistema del Trusted Platform Module (TPM) no puede detectar modificaciones en componentes específicos del sistema. Este problema solo afecta a las revisiones de ingeniería y plataformas específicas. • https://support.f5.com/csp/article/K91171450 •
CVSS: 5.3EPSS: 0%CPEs: 77EXPL: 0CVE-2014-5209
https://notcve.org/view.php?id=CVE-2014-5209
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information. Existe una vulnerabilidad de Divulgación de Información en los mensajes privados (modo 6/7) de NTP versión 4.2.7p25 por medio de un mensaje de control GET_RESTRICT, que podría permitir a un usuario malicioso obtener información confidencial. • https://exchange.xforce.ibmcloud.com/vulnerabilities/95841 https://support.f5.com/csp/article/K44942017 https://support.f5.com/csp/article/K44942017?utm_source=f5support&%3Butm_medium=RSS • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •