CVSS: 4.9EPSS: 0%CPEs: 65EXPL: 0CVE-2019-6618
https://notcve.org/view.php?id=CVE-2019-6618
03 May 2019 — On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd. This allows modifications to user objects and is contrary to our definition for the Resource Administrator (RA) role restrictions. En BIG-IP versiones desde la 14.0.0.0 hasta la 14.1.0.1, desde la 13.0.0 hasta la 13.1.1.1.4, desde la 12.1.0 hasta la 12.1.4, desd... • https://support.f5.com/csp/article/K07702240 •
CVSS: 6.5EPSS: 0%CPEs: 65EXPL: 0CVE-2019-6617
https://notcve.org/view.php?id=CVE-2019-6617
03 May 2019 — On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files (such as /etc/passwd) using SFTP to modify user permissions, without Advanced Shell access. This is contrary to our definition for the Resource Administrator (RA) role restrictions. En BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, y 11.5.2-11.5.8, un usuario con el rol de " Resource Administrator" ... • http://www.securityfocus.com/bid/108186 • CWE-269: Improper Privilege Management •
CVSS: 7.2EPSS: 0%CPEs: 65EXPL: 0CVE-2019-6616
https://notcve.org/view.php?id=CVE-2019-6616
03 May 2019 — On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, administrative users with TMSH access can overwrite critical system files on BIG-IP which can result in bypass of whitelist / blacklist restrictions enforced by appliance mode. En BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, y 11.5.2-11.5.8, usuarios administrativos con acceso TMSH pueden sobrescribir archivos críticos del sistema BIG-IP, esto puede resultar en omisión de las restriccio... • http://www.securityfocus.com/bid/108298 •
CVSS: 6.5EPSS: 0%CPEs: 39EXPL: 0CVE-2019-6614
https://notcve.org/view.php?id=CVE-2019-6614
03 May 2019 — On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. An authenticated attacker with a high privilege level may be able to bypass protections implemented in appliance mode to overwrite arbitrary system files. En BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, y 12.1.0-12.1.4, métodos internos empleados para evitar la sobrescritura arbitraria en el "Appliance Mode" no fueron completamente efectivos. Un at... • http://www.securityfocus.com/bid/108297 •
CVSS: 4.9EPSS: 0%CPEs: 65EXPL: 0CVE-2019-6615
https://notcve.org/view.php?id=CVE-2019-6615
03 May 2019 — On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems. En BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, y 11.5.2-11.5.8, los roles de Administrador y "Resource Administrator" podrían explotar el acceso TMSH saltandose las restricciones del "Appliance Mode" en sistemas BIG-IP. • http://www.securityfocus.com/bid/108189 •
CVSS: 7.5EPSS: 0%CPEs: 65EXPL: 0CVE-2019-6611
https://notcve.org/view.php?id=CVE-2019-6611
03 May 2019 — When BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8 are processing certain rare data sequences occurring in PPTP VPN traffic, the BIG-IP system may execute incorrect logic. The TMM may restart and produce a core file as a result of this condition. The BIG-IP system provisioned with the CGNAT module and configured with a virtual server using a PPTP profile is exposed to this vulnerability. Cuando BIG-IP versión 14.0.0- versión 14.1.0.1,versión 13.0.0-versión 13.1.1... • http://www.securityfocus.com/bid/108187 •
CVSS: 8.6EPSS: 0%CPEs: 78EXPL: 0CVE-2018-5743 – Limiting simultaneous TCP clients was ineffective
https://notcve.org/view.php?id=CVE-2018-5743
25 Apr 2019 — By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.... • https://kb.isc.org/docs/cve-2018-5743 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 0%CPEs: 351EXPL: 0CVE-2019-6609
https://notcve.org/view.php?id=CVE-2019-6609
15 Apr 2019 — Platform dependent weakness. This issue only impacts iSeries platforms. On these platforms, in BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) versions 14.0.0-14.1.0.1, 13.0.0-13.1.1.3, and 12.1.1 HF2-12.1.4, the secureKeyCapable attribute was not set which causes secure vault to not use the F5 hardware support to store the unit key. Instead the unit key is stored in plaintext on disk as would be the case for Z100 systems. Additionally this caus... • https://support.f5.com/csp/article/K18535734 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.1EPSS: 0%CPEs: 52EXPL: 0CVE-2019-6608
https://notcve.org/view.php?id=CVE-2019-6608
28 Mar 2019 — On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests. En BIG-IP, 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1 y 14.0.0-14.0.0.2, bajo ciertas circunstancias, el demonio snmpd podría divulgar memoria en un invitado BIG-IP vCMP con varios blades al procesar peticiones SNMP autorizadas. • https://support.f5.com/csp/article/K12139752 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 4.3EPSS: 0%CPEs: 52EXPL: 0CVE-2019-6606
https://notcve.org/view.php?id=CVE-2019-6606
28 Mar 2019 — On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory. EN BIG-IP, en versiones 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3 y 14.0.0-14.0.0.2, al procesar determinadas peticiones SNMP con un "request-id" de 0, el proceso snmpd puede divulgar una pequeña cantidad de memoria. • http://www.securityfocus.com/bid/107636 • CWE-401: Missing Release of Memory after Effective Lifetime •