CVSS: 6.5EPSS: 0%CPEs: 71EXPL: 0CVE-2018-15322
https://notcve.org/view.php?id=CVE-2018-15322
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full. En BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2 o 11.2.1-11.5.6; BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 o 4.6.0; BIG-IQ Cloud and Orchestration 1.0.0; iWorkflow 2.0.1-2.3.0 o Enterprise Manager 3.1.1, un usuario BIG-IP con acceso tmsh podría provocar que el sistema BIG-IP experimente una denegación de servicio (DoS) cuando este usuario emplea la utilidad tmsh para ejecutar el comando de preferencias edit cli y guarda los cambios repetidamente en otro nombre de archivo. Esta acción emplea almacenamiento de la partición /var y, cuando se realiza repetidamente, provoca que la partición /var se llene. • https://support.f5.com/csp/article/K28003839 •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15324
https://notcve.org/view.php?id=CVE-2018-15324
On BIG-IP APM 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, TMM may restart when processing a specially crafted request with APM portal access. En BIG-IP APM 14.0.0-14.0.0.2 o 13.0.0-13.1.1.1, TMM podría reiniciarse al procesar una petición especialmente manipulada con acceso al portal APM. • https://support.f5.com/csp/article/K52206731 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-2018-15319
https://notcve.org/view.php?id=CVE-2018-15319
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies. En BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1 o 12.1.0-12.1.3.6, las peticiones maliciosas realizadas a los servidores virtuales con un perfil HTTP pueden provocar que TMM se reinicie. El problema está expuesto a las opciones de configuración "normalize URI", que no son por defecto, que se emplean en las políticas iRules y/o BIG-IP LTM. • http://www.securityfocus.com/bid/107052 https://support.f5.com/csp/article/K64208870 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-15326
https://notcve.org/view.php?id=CVE-2018-15326
In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.2, the CRLDP Auth access policy agent may treat revoked certificates as valid when the BIG-IP APM system fails to download a new Certificate Revocation List. En algunas situaciones, en BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5 o 11.6.0-11.6.3.2, el agente de la política de acceso CRLDP Auth podría tratar los certificados revocados como válidos cuando el sistema BIG-IP APM no descarga una nueva lista Certificate Revocation. • http://www.securityfocus.com/bid/106180 https://support.f5.com/csp/article/K34652116 • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 1%CPEs: 152EXPL: 0CVE-2018-5391 – The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets
https://notcve.org/view.php?id=CVE-2018-5391
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegación de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/105108 http://www.securitytracker.com/id/1041476 http://www.securitytracker.com/id/1041637 https://access.redhat.co • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •