F5 Big-Ip Edge Gateway vulnerabilities

254 known vulnerabilities affecting f5/big-ip_edge_gateway.

Total CVEs
254
CISA KEV
4
actively exploited
Public exploits
11
Exploited in wild
4
Severity breakdown
CRITICAL16HIGH130MEDIUM104LOW4

Vulnerabilities

Page 10 of 13
CVE-2018-5527HIGHCVSS 7.5≥ 13.0.0, ≤ 13.1.0.72018-06-27
CVE-2018-5527 [HIGH] CWE-772 CVE-2018-5527: On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers confi On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory. As a result, system memory usage increases over time, which may eventually cause a decrease in
nvd
CVE-2018-5513HIGHCVSS 7.5≥ 11.2.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+3 more2018-06-01
CVE-2018-5513 [HIGH] CWE-20 CVE-2018-5513: On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impacted by this issue.
nvd
CVE-2018-5523HIGHCVSS 7.2≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+4 more2018-06-01
CVE-2018-5523 [HIGH] CVE-2018-5523: On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
nvd
CVE-2018-5525MEDIUMCVSS 4.3≥ 11.2.1, ≤ 11.5.5≥ 11.6.0, ≤ 11.6.3+2 more2018-06-01
CVE-2018-5525 [MEDIUM] CWE-200 CVE-2018-5525: A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0- A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 that exposes files containing F5-provided data only and do not include any configuration data, proxied traffic, or other potentially sensitive customer data.
nvd
CVE-2018-5524MEDIUMCVSS 5.3≥ 11.6.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.3+1 more2018-06-01
CVE-2018-5524 [MEDIUM] CVE-2018-5524: Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, vir Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module (HSM) functionality are exposed and impacted by this issue.
nvd
CVE-2017-6153MEDIUMCVSS 5.3≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+4 more2018-06-01
CVE-2017-6153 [MEDIUM] CWE-400 CVE-2017-6153: Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 sy Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "Zip Bomb" attack.
nvd
CVE-2018-5522MEDIUMCVSS 5.9≥ 11.5.0, ≤ 11.5.5≥ 11.6.0, ≤ 11.6.3+3 more2018-06-01
CVE-2018-5522 [MEDIUM] CWE-20 CVE-2018-5522: On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAME On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash.
nvd
CVE-2018-5521MEDIUMCVSS 6.1≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+2 more2018-06-01
CVE-2018-5521 [MEDIUM] CWE-79 CVE-2018-5521: On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.
nvd
CVE-2018-5514HIGHCVSS 7.5≥ 13.1.0, ≤ 13.1.0.52018-05-02
CVE-2018-5514 [HIGH] CWE-20 CVE-2018-5514: On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of servic On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.
nvd
CVE-2018-5517HIGHCVSS 7.5≥ 13.1.0, ≤ 13.1.0.52018-05-02
CVE-2018-5517 [HIGH] CWE-20 CVE-2018-5517: On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual se On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.
nvd
CVE-2018-5512HIGHCVSS 7.5≥ 13.1.0, ≤ 13.1.0.52018-05-02
CVE-2018-5512 [HIGH] CVE-2018-5512: On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart.
nvd
CVE-2018-5520MEDIUMCVSS 4.4≥ 11.2.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.3+1 more2018-05-02
CVE-2018-5520 [MEDIUM] CWE-863 CVE-2018-5520: On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources.
nvd
CVE-2018-5516MEDIUMCVSS 4.7≥ 11.2.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.2+1 more2018-05-02
CVE-2018-5516 [MEDIUM] CWE-732 CVE-2018-5516: On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Ce On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restricti
nvd
CVE-2018-5519MEDIUMCVSS 4.9≥ 11.2.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.3+1 more2018-05-02
CVE-2018-5519 [MEDIUM] CVE-2018-5519: On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of un On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access (for example, any user when licensed for Appliance Mode), this allows more permissive file access than intended.
nvd
CVE-2018-5518MEDIUMCVSS 5.4≥ 12.0.0, ≤ 12.1.3≥ 13.0.0, ≤ 13.1.02018-05-02
CVE-2018-5518 [MEDIUM] CVE-2018-5518: On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest ca On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjacent VCMP guest to restart and produce a core file. This issue is only exploitable on a VCMP guest which is opera
nvd
CVE-2018-5515MEDIUMCVSS 4.4≥ 13.1.0, ≤ 13.1.0.52018-05-02
CVE-2018-5515 [MEDIUM] CWE-20 CVE-2018-5515: On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses from a RADIUS server with IPv6 a On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event.
nvd
CVE-2018-5506CRITICALCVSS 9.8≥ 11.5.1, ≤ 11.5.5≥ 12.1.0, ≤ 12.1.3.1+3 more2018-04-13
CVE-2018-5506 [CRITICAL] CVE-2018-5506: In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apache_auth_ In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp allow possible unauthenticated bruteforce on the em_server_ip authorization parameter to obtain which SSL client certificates used for mutual authentication between BIG-IQ or Enterprise Manager (EM) and managed BIG-IP
nvd
CVE-2018-5507HIGHCVSS 7.5≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.2+2 more2018-04-13
CVE-2018-5507 [HIGH] CVE-2018-5507: On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU.
nvd
CVE-2018-5510HIGHCVSS 7.5v11.5.4v11.5.52018-04-13
CVE-2018-5510 [HIGH] CWE-20 CVE-2018-5510: On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel (TMM) may restart when processing On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel (TMM) may restart when processing a specific sequence of packets on IPv6 virtual servers.
nvd
CVE-2017-6155HIGHCVSS 7.5≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.2+3 more2018-04-13
CVE-2017-6155 [HIGH] CVE-2017-6155: On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTT On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure.
nvd
← Previous10 / 13Next →
F5 Big-Ip Edge Gateway vulnerabilities | cvebase