F5 Big-Ip Controller vulnerabilities
2 known vulnerabilities affecting f5/big-ip_controller.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2019-5021CRITICALCVSS 9.8v1.2.12019-05-08
CVE-2019-5021 [CRITICAL] CWE-258 CVE-2019-5021: Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `ro
Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container which utilize Linux PAM, or some other mechan
nvd
CVE-2018-5543HIGHCVSS 8.8≥ 1.0.0, ≤ 1.5.02018-07-31
CVE-2018-5543 [HIGH] CWE-522 CVE-2018-5543: The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and pass
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container.
nvdf5