Page 55 of 273 results (0.007 seconds)

CVSS: 9.3EPSS: 0%CPEs: 25EXPL: 0

In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1. En algunas circunstancias, el TMM (Traffic Management Microkernel) no gestiona correctamente algunas peticiones/respuestas Websockets mal formadas. Esto permite que atacantes remotos provoquen una denegación de servicio (DoS) o una posible ejecución remota de código en el sistema F5 BIG-IP que ejecuta versiones desde la 13.0.0 hasta la 13.1.0.3 o desde la 12.1.0 hasta la 12.1.3.1. • http://www.securitytracker.com/id/1040558 https://support.f5.com/csp/article/K11718033 •

CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0

On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non TCP traffic. With the fix of this issue, additional configuration validation logic has been added to prevent this configuration from being applied to a virtual server. There is only data plane exposure to this issue with a non-standard configuration. • http://www.securityfocus.com/bid/103504 http://www.securitytracker.com/id/1040562 https://support.f5.com/csp/article/K49440608 • CWE-20: Improper Input Validation •

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both provisioned, TMM may restart while processing DNS requests when the virtual server is configured with a DNS profile and the Protocol setting is set to TCP. Desde la versión 13.0.0 hasta la 13.1.0.3 de F5 BIG-IP, cuando se proporciona tanto ASM como AVR, TMM podría reiniciarse al procesar peticiones DNS cuando el servidor virtual está configurado con un perfil DNS y la opción Protocol está marcada como TCP. • http://www.securityfocus.com/bid/103505 http://www.securitytracker.com/id/1040559 https://support.f5.com/csp/article/K23520761 •