Big Ip Policy Enforcement Manager

big-ip_policy_enforcement_manager

Vendor: F5 • 495 CVEs

CVEs (495)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-6667 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Nov 27, 2019 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server w...Show more On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX (Financial Information eXchange) profile applied.Show less
CVE-2019-6666 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Nov 27, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, and 13.1.0-13.1.1.4, the TMM process may produce a core file when an upstream server or cache sends the BIG-IP an invalid age header value.
CVE-2019-6675 1F5 11Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more Nov 21, 2024 Nov 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in...Show more BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue only impacts specific engineering hotfixes using the aforementioned authentication configuration. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.0.3.0.79.6-ENG.iso, Hotfix-BIGIP-14.1.0.3.0.97.6-ENG.iso, Hotfix-BIGIP-14.1.0.3.0.99.6-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.15.5-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.36.5-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.40.5-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.11.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.14.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.68.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.70.9-ENG.iso, Hotfix-BIGIP-14.1.2.0.11.37-ENG.iso, Hotfix-BIGIP-14.1.2.0.18.37-ENG.iso, Hotfix-BIGIP-14.1.2.0.32.37-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.46.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.14.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.16.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.34.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.97.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.99.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.105.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.111.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.115.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.122.4-ENG.iso, Hotfix-BIGIP-15.0.1.0.33.11-ENG.iso, Hotfix-BIGIP-15.0.1.0.48.11-ENG.isoShow less
CVE-2019-6664 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Nov 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.
CVE-2019-6663 1F5 16Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+13 more Nov 21, 2024 Nov 15, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerabl...Show more The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack.Show less
CVE-2019-6662 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Nov 15, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that...Show more On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.Show less
CVE-2019-6660 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Nov 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.
CVE-2019-6659 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Nov 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.
CVE-2018-12207 8Canonical DebianF5+5 more 778Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+775 more Nov 21, 2024 Nov 14, 2019 N/A· v4 6.5 MEDIUM· v3 4.9 MEDIUM· v2 Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local acces...Show more Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.Show less
CVE-2019-6657 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Nov 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the...Show more On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.Show less
CVE-2019-6471 2F5 Isc 17Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+14 more Nov 21, 2024 Oct 9, 2019 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.1...Show more A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.Show less
CVE-2018-5743 2F5 Isc 17Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+14 more Nov 21, 2024 Oct 9, 2019 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most...Show more By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.Show less
CVE-2018-14880 7Apple DebianF5+4 more 23Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+20 more Nov 21, 2024 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
CVE-2018-14468 7Apple DebianF5+4 more 23Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+20 more Dec 3, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
CVE-2019-6655 1F5 6Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+3 more Nov 21, 2024 Sep 25, 2019 N/A· v4 5.3 MEDIUM· v3 4.3 MEDIUM· v2 On versions 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, and 11.5.1-11.5.9, BIG-IP platforms where AVR, ASM, APM, PEM, AFM, and/or AAM is provisioned may leak sensitive data.
CVE-2019-6654 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Sep 25, 2019 N/A· v4 4.3 MEDIUM· v3 3.3 LOW· v2 On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC 1812 section 5.3.7) on the control plane (management interface)....Show more On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC 1812 section 5.3.7) on the control plane (management interface). This may allow attackers on an adjacent system to force BIG-IP into processing packets with spoofed source addresses.Show less
CVE-2019-6651 1F5 16Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+13 more Nov 21, 2024 Sep 25, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.5.1-11.6.4, BIG-IQ 7.0.0, 6.0.0-6.1.0,5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, the Configuration utility login p...Show more In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.5.1-11.6.4, BIG-IQ 7.0.0, 6.0.0-6.1.0,5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, the Configuration utility login page may not follow best security practices when handling a malicious request.Show less
CVE-2019-6649 1F5 14Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+11 more Nov 21, 2024 Sep 20, 2019 N/A· v4 9.1 CRITICAL· v3 5.8 MEDIUM· v2 F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to b...Show more F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings.Show less
CVE-2019-6646 1F5 14Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+11 more Nov 21, 2024 Sep 4, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges.
CVE-2019-6643 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Sep 4, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile m...Show more On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the TMM process to produce a core file.Show less

Previous 1...141516...25 Next