← Back

Big Ip Domain Name System

big-ip_domain_name_system

Vendor: F5 • 429 CVEs

CVEs (429)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-5903
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Jul 1, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility.
CVE-2020-5902
1F5
14Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Advanced Web Application Firewall+11 more
Oct 27, 2025
Jul 1, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code E...Show more
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.Show less
CVE-2020-5890
1F5
12Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+9 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1 and BIG-IQ 5.2.0-7.1.0, when creating a QKView, credentials for binding to LDAP servers used for remote authentication of the BIG-IP administ...Show more
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1 and BIG-IQ 5.2.0-7.1.0, when creating a QKView, credentials for binding to LDAP servers used for remote authentication of the BIG-IP administrative interface will not fully obfuscate if they contain whitespace.Show less
CVE-2020-5888
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
8.1 HIGH· v3
3.3 LOW· v2
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for adjacent network (layer 2) attackers to access local daemons and bypass port lockdown settings.
CVE-2020-5887
1F5
13Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings.
CVE-2020-5886
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) pair transfers sensitive cryptographic objects over an insecur...Show more
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) pair transfers sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring.Show less
CVE-2020-5885
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecur...Show more
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring.Show less
CVE-2020-5884
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the default deployment mode for BIG-IP high availability (HA) pair mirroring is insecure. This is a control plane issue...Show more
On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the default deployment mode for BIG-IP high availability (HA) pair mirroring is insecure. This is a control plane issue that is exposed only on the network used for mirroring.Show less
CVE-2020-5882
1F5
13Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5, and 11.6.1-11.6.5.1, under certain conditions, the Intel QuickAssist Technology (QAT) cryptography driver may produce a Traffic Management Micro...Show more
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5, and 11.6.1-11.6.5.1, under certain conditions, the Intel QuickAssist Technology (QAT) cryptography driver may produce a Traffic Management Microkernel (TMM) core file.Show less
CVE-2020-5881
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstra...Show more
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer (NDAL) Interfaces can lock up and in turn disrupting the communication between the mcpd and tmm processes.Show less
CVE-2020-5880
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
7.1 HIGH· v3
5.5 MEDIUM· v2
Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also re...Show more
Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server.Show less
CVE-2020-5878
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel (TMM) may restart on BIG-IP Virtual Edition (VE) while processing unusual IP traffic.
CVE-2020-5877
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
On BIG-IP 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, malformed input to the DATAGRAM::tcp iRules command within a FLOW_INIT event may lead to a denial of service.
CVE-2020-5876
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
8.1 HIGH· v3
6.8 MEDIUM· v2
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sy...Show more
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address of a peer, adding a new peer, or when the Traffic Management Microkernel (TMM) first starts up.Show less
CVE-2020-5875
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
On BIG-IP 15.0.0-15.0.1 and 14.1.0-14.1.2.3, under certain conditions, the Traffic Management Microkernel (TMM) may generate a core file and restart while processing SSL traffic with an HTTP/2 full proxy.
CVE-2020-5873
1F5
12Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+9 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility b...Show more
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute arbitrary commands using a maliciously crafted scp request.Show less
CVE-2020-5872
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Mi...Show more
On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover event.Show less
CVE-2020-5871
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Apr 30, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are use...Show more
On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.Show less
CVE-2020-5862
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Mar 27, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not a...Show more
On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms, hardware or virtual, or any other cloud provider since the affected driver is specific to AWS.Show less
CVE-2020-5861
1F5
11Big Ip Access Policy Manager
Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more
Nov 21, 2024
Mar 27, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors.