Vulnerabilities in F5 Networks, Inc.

140 results
CVE-2018-15327In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the TraffiEPSS 1.2%CVE-2018-5532On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 a domain name cached within the DNS Cache of TMM may continue to be reEPSS 1.2%CVE-2017-6131In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password wEPSS 1.1%CVE-2018-15322On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5EPSS 1.1%CVE-2017-6158In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresEPSS 1.1%CVE-2018-5507On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running on VIPRION 2100, 4200 and 4300 series blEPSS 1.1%CVE-2017-6137In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, EPSS 1.1%CVE-2018-15323On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic through a Virtual Server with an associated EPSS 1.1%CVE-2017-6141In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and WebSafe 12.1.0 through 12.1.2, certain values in a TLS abbreviated handshakeEPSS 1.1%CVE-2017-6167In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conEPSS 1.1%CVE-2018-5520On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow anEPSS 1.1%CVE-2018-5510On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel (TMM) may restart when processing a specific sequence of packets on IPv6 EPSS 1.1%CVE-2017-6145iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.0.0 through 12.1.2 and 13.0.0 incluEPSS 1.1%CVE-2018-5519On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldumEPSS 1.1%CVE-2019-6598In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, malformed requesEPSS 1.1%CVE-2016-9256In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_maEPSS 1.0%CVE-2019-6592On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.EPSS 1.0%CVE-2018-15325In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executinEPSS 1.0%CVE-2019-6594On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and 14.0.0-14.0.0.2, Multi-Path TCP (MPTCP) does not protect against multEPSS 1.0%CVE-2018-5525A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, EPSS 1.0%