F5 Big-Ip Webaccelerator vulnerabilities

258 known vulnerabilities affecting f5/big-ip_webaccelerator.

Total CVEs

258

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL18HIGH135MEDIUM101LOW4

Vulnerabilities

Page 10 of 13

CVE-2018-5531HIGHCVSS 7.4≥ 11.2.1, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+2 more2018-07-25

CVE-2018-5531 [HIGH] CWE-20 CVE-2018-5531: Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2 Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (layer 2).

nvd

CVE-2018-5537MEDIUMCVSS 5.3≥ 11.2.1, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+2 more2018-07-25

CVE-2018-5537 [MEDIUM] CWE-20 CVE-2018-5537: A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11. A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end.

nvd

CVE-2018-5533HIGHCVSS 7.5≥ 11.5.0, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+2 more2018-07-19

CVE-2018-5533 [HIGH] CWE-20 CVE-2018-5533: Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.

nvd

CVE-2018-5534HIGHCVSS 7.5≥ 11.5.0, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+3 more2018-07-19

CVE-2018-5534 [HIGH] CWE-20 CVE-2018-5534: Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.

nvd

CVE-2018-5535HIGHCVSS 7.5≥ 11.2.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.3+2 more2018-07-19

CVE-2018-5535 [HIGH] CWE-20 CVE-2018-5535: On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP respon On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resulting in a Denial of Service.

nvd

CVE-2018-5532MEDIUMCVSS 5.3≥ 11.2.1, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+2 more2018-07-19

CVE-2018-5532 [MEDIUM] CVE-2018-5532: On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 a domain name cached within th On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 a domain name cached within the DNS Cache of TMM may continue to be resolved by the cache even after the parent server revokes the record, if the DNS Cache is receiving a stream of requests for the cached name.

nvd

CVE-2018-13405HIGHCVSS 7.8PoC≥ 13.0.0, < 13.1.3.5≥ 14.0.0, < 14.1.3.1+3 more2018-07-06

CVE-2018-13405 [HIGH] CWE-269 CVE-2018-13405: The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to c The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is th

nvd

CVE-2018-5527HIGHCVSS 7.5≥ 13.0.0, ≤ 13.1.0.72018-06-27

CVE-2018-5527 [HIGH] CWE-772 CVE-2018-5527: On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers confi On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory. As a result, system memory usage increases over time, which may eventually cause a decrease in

nvd

CVE-2018-5513HIGHCVSS 7.5≥ 11.2.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+3 more2018-06-01

CVE-2018-5513 [HIGH] CWE-20 CVE-2018-5513: On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impacted by this issue.

nvd

CVE-2018-5523HIGHCVSS 7.2≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+4 more2018-06-01

CVE-2018-5523 [HIGH] CVE-2018-5523: On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.

nvd

CVE-2018-5525MEDIUMCVSS 4.3≥ 11.2.1, ≤ 11.5.5≥ 11.6.0, ≤ 11.6.3+2 more2018-06-01

CVE-2018-5525 [MEDIUM] CWE-200 CVE-2018-5525: A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0- A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 that exposes files containing F5-provided data only and do not include any configuration data, proxied traffic, or other potentially sensitive customer data.

nvd

CVE-2018-5524MEDIUMCVSS 5.3≥ 11.6.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.3+1 more2018-06-01

CVE-2018-5524 [MEDIUM] CVE-2018-5524: Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, vir Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module (HSM) functionality are exposed and impacted by this issue.

nvd

CVE-2017-6153MEDIUMCVSS 5.3≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+4 more2018-06-01

CVE-2017-6153 [MEDIUM] CWE-400 CVE-2017-6153: Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 sy Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "Zip Bomb" attack.

nvd

CVE-2018-5522MEDIUMCVSS 5.9≥ 11.5.0, ≤ 11.5.5≥ 11.6.0, ≤ 11.6.3+3 more2018-06-01

CVE-2018-5522 [MEDIUM] CWE-20 CVE-2018-5522: On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAME On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash.

nvd

CVE-2018-5521MEDIUMCVSS 6.1≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+2 more2018-06-01

CVE-2018-5521 [MEDIUM] CWE-79 CVE-2018-5521: On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.

nvd

CVE-2018-5514HIGHCVSS 7.5≥ 13.1.0, ≤ 13.1.0.52018-05-02

CVE-2018-5514 [HIGH] CWE-20 CVE-2018-5514: On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of servic On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.

nvd

CVE-2018-5517HIGHCVSS 7.5≥ 13.1.0, ≤ 13.1.0.52018-05-02

CVE-2018-5517 [HIGH] CWE-20 CVE-2018-5517: On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual se On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.

nvd

CVE-2018-5512HIGHCVSS 7.5≥ 13.1.0, ≤ 13.1.0.52018-05-02

CVE-2018-5512 [HIGH] CVE-2018-5512: On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart.

nvd

CVE-2018-5520MEDIUMCVSS 4.4≥ 11.2.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.3+1 more2018-05-02

CVE-2018-5520 [MEDIUM] CWE-863 CVE-2018-5520: On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources.

nvd

CVE-2018-5516MEDIUMCVSS 4.7≥ 11.2.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.2+1 more2018-05-02

CVE-2018-5516 [MEDIUM] CWE-732 CVE-2018-5516: On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Ce On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restricti

nvd

← Previous10 / 13Next →