Summary
| Detail | |||
|---|---|---|---|
| Vendor | f5 | First view | 2012-05-24 |
| Product | Big-Ip Link Controller | Last view | 2024-08-14 |
| Version | 9.2.2 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:f5:big-ip_link_controller | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2024-08-14 | CVE-2024-41727 | In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 4.3 | 2024-08-14 | CVE-2024-41723 | Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 7.5 | 2024-08-14 | CVE-2024-41164 | When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 7.5 | 2024-08-14 | CVE-2024-39778 | When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate. Â Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 7.5 | 2024-02-14 | CVE-2024-24775 | When a virtual server is enabled with VLAN group and SNAT listener is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 7.5 | 2024-02-14 | CVE-2024-23979 | When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 4.4 | 2024-02-14 | CVE-2024-23976 | When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system. Â Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 7.5 | 2024-02-14 | CVE-2024-23314 | When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 6.5 | 2024-02-14 | CVE-2024-22389 | When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the change does not sync to the peer device. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 9.6 | 2024-02-14 | CVE-2024-22093 | When running in appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint on multi-bladed systems. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 6.7 | 2024-02-14 | CVE-2024-21782 | BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure copy (scp) utility but do not have access to Advanced shell (bash) can execute arbitrary commands with a specially crafted command string. This vulnerability is due to an incomplete fix for CVE-2020-5873. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 8.8 | 2023-10-26 | CVE-2023-46748 | An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands. Â Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 9.8 | 2023-10-26 | CVE-2023-46747 | Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 4.4 | 2023-10-10 | CVE-2023-45219 | Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 7.5 | 2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
| 8.7 | 2023-10-10 | CVE-2023-43746 | When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 7.8 | 2023-10-10 | CVE-2023-43611 | The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. This vulnerability is due to an incomplete fix for CVE-2023-38418.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 5.5 | 2023-10-10 | CVE-2023-43485 | When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 7.2 | 2023-10-10 | CVE-2023-42768 | When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST admin resource.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 6.5 | 2023-10-10 | CVE-2023-41964 | The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 9.9 | 2023-10-10 | CVE-2023-41373 | A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated attacker to execute commands on the BIG-IP system. For BIG-IP system running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 7.5 | 2023-10-10 | CVE-2023-41085 | When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 7.5 | 2023-10-10 | CVE-2023-40542 | When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| 8.1 | 2023-10-10 | CVE-2023-40537 | An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 7.5 | 2023-10-10 | CVE-2023-40534 | When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 13% (31) | CWE-20 | Improper Input Validation |
| 10% (25) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 9% (21) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 5% (12) | CWE-476 | NULL Pointer Dereference |
| 4% (10) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
| 3% (8) | CWE-269 | Improper Privilege Management |
| 3% (7) | CWE-319 | Cleartext Transmission of Sensitive Information |
| 3% (7) | CWE-200 | Information Exposure |
| 3% (7) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
| 2% (6) | CWE-770 | Allocation of Resources Without Limits or Throttling |
| 2% (6) | CWE-362 | Race Condition |
| 2% (6) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 2% (5) | CWE-203 | Information Exposure Through Discrepancy |
| 2% (5) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 1% (4) | CWE-404 | Improper Resource Shutdown or Release |
| 1% (4) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 1% (4) | CWE-326 | Inadequate Encryption Strength |
| 1% (4) | CWE-295 | Certificate Issues |
| 1% (4) | CWE-77 | Improper Sanitization of Special Elements used in a Command ('Comma... |
| 1% (3) | CWE-613 | Insufficient Session Expiration |
| 1% (3) | CWE-434 | Unrestricted Upload of File with Dangerous Type |
| 1% (3) | CWE-287 | Improper Authentication |
| 1% (3) | CWE-125 | Out-of-bounds Read |
| 0% (2) | CWE-787 | Out-of-bounds Write |
| 0% (2) | CWE-772 | Missing Release of Resource after Effective Lifetime |
SAINT Exploits
| Description | Link |
|---|---|
| F5 BIG-IP iControl REST vulnerability | More info here |
| Bash environment variable code injection over HTTP | More info here |
| Bash Environment Variable Handling Shell Command Injection Via CUPS | More info here |
| ShellShock DHCP Server | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
ExploitDB Exploits
| id | Description |
|---|---|
| 35146 | PHP 5.x Shellshock Exploit (bypass disable_functions) |
| 35115 | CUPS Filter Bash Environment Variable Code Injection |
| 34879 | OpenVPN 2.2.29 - ShellShock Exploit |
| 34860 | GNU bash 4.3.11 Environment Variable dhclient Exploit |
| 34839 | IPFire Cgi Web Interface Authenticated Bash Environment Variable Code Injecti... |
| 34777 | GNU bash Environment Variable Command Injection (MSF) |
| 33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
OpenVAS Exploits
| id | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl |
| 2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
| 2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
| 2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
| 2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64 File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1465-01 File : nvt/gb_RHSA-2011_1465-01_kernel.nasl |
| 2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
| 2011-11-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1 File : nvt/gb_ubuntu_USN_1256_1.nasl |
| 2011-11-11 | Name : Ubuntu Update for linux USN-1253-1 File : nvt/gb_ubuntu_USN_1253_1.nasl |
| 2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
| 2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux USN-1246-1 File : nvt/gb_ubuntu_USN_1246_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1245-1 File : nvt/gb_ubuntu_USN_1245_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux USN-1243-1 File : nvt/gb_ubuntu_USN_1243_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1242-1 File : nvt/gb_ubuntu_USN_1242_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1 File : nvt/gb_ubuntu_USN_1241_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1240-1 File : nvt/gb_ubuntu_USN_1240_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-ec2 USN-1239-1 File : nvt/gb_ubuntu_USN_1239_1.nasl |
| 2011-10-21 | Name : Ubuntu Update for linux USN-1236-1 File : nvt/gb_ubuntu_USN_1236_1.nasl |
| 2011-10-21 | Name : RedHat Update for kernel RHSA-2011:1386-01 File : nvt/gb_RHSA-2011_1386-01_kernel.nasl |
| 2011-10-21 | Name : CentOS Update for kernel CESA-2011:1386 centos5 i386 File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl |
| 2011-10-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1228-1 File : nvt/gb_ubuntu_USN_1228_1.nasl |
| 2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2014-A-0142 | GNU Bash Shell Code Execution Vulnerability Severity: Category I - VMSKEY: V0054753 |
| 2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0033884 |
| 2012-A-0148 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0033794 |
| 2012-A-0136 | Multiple Vulnerabilities in Juniper Network Management Products Severity: Category I - VMSKEY: V0033662 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-08-11 | F5 BIG-IP Traffic Management User Interface remote code execution attempt RuleID : 54484 - Type : SERVER-WEBAPP - Revision : 2 |
| 2020-08-06 | F5 BIG-IP Traffic Management User Interface remote code execution attempt RuleID : 54462 - Type : SERVER-WEBAPP - Revision : 3 |
| 2020-07-07 | lodash defaultsDeep prototype pollution attempt RuleID : 54184 - Type : SERVER-OTHER - Revision : 1 |
| 2018-04-05 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45830 - Type : SERVER-OTHER - Revision : 1 |
| 2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45201 - Type : SERVER-OTHER - Revision : 2 |
| 2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45200 - Type : SERVER-OTHER - Revision : 2 |
| 2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45199 - Type : SERVER-OTHER - Revision : 2 |
| 2016-03-15 | Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt RuleID : 37654 - Type : OS-LINUX - Revision : 2 |
| 2016-03-14 | Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt RuleID : 37408 - Type : OS-LINUX - Revision : 2 |
| 2015-07-13 | Linux.Trojan.ChinaZ outbound connection RuleID : 34847 - Type : MALWARE-CNC - Revision : 3 |
| 2014-10-30 | Bash environment variable injection attempt RuleID : 32366-community - Type : OS-OTHER - Revision : 2 |
| 2014-12-02 | Bash environment variable injection attempt RuleID : 32366 - Type : OS-OTHER - Revision : 2 |
| 2014-10-24 | Bash CGI environment variable injection attempt RuleID : 32336-community - Type : OS-OTHER - Revision : 2 |
| 2014-11-25 | Bash CGI environment variable injection attempt RuleID : 32336 - Type : OS-OTHER - Revision : 2 |
| 2014-10-24 | Bash CGI environment variable injection attempt RuleID : 32335-community - Type : OS-OTHER - Revision : 2 |
| 2014-11-25 | Bash CGI environment variable injection attempt RuleID : 32335 - Type : OS-OTHER - Revision : 2 |
| 2014-10-03 | Bash environment variable injection attempt RuleID : 32069-community - Type : OS-OTHER - Revision : 3 |
| 2014-11-16 | Bash environment variable injection attempt RuleID : 32069 - Type : OS-OTHER - Revision : 3 |
| 2014-10-01 | Bash environment variable injection attempt RuleID : 32043-community - Type : OS-OTHER - Revision : 3 |
| 2014-11-16 | Bash environment variable injection attempt RuleID : 32043 - Type : OS-OTHER - Revision : 3 |
| 2014-10-01 | Bash environment variable injection attempt RuleID : 32042-community - Type : OS-OTHER - Revision : 4 |
| 2014-11-16 | Bash environment variable injection attempt RuleID : 32042 - Type : OS-OTHER - Revision : 4 |
| 2014-10-01 | Bash environment variable injection attempt RuleID : 32041-community - Type : OS-OTHER - Revision : 4 |
| 2014-11-16 | Bash environment variable injection attempt RuleID : 32041 - Type : OS-OTHER - Revision : 4 |
| 2014-10-01 | Bash environment variable injection attempt RuleID : 32039-community - Type : OS-OTHER - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-11 | Name: The remote Virtuozzo host is missing multiple security updates. File: Virtuozzo_VZA-2018-075.nasl - Type: ACT_GATHER_INFO |
| 2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-50075276e8.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL23328310.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL61620494.nasl - Type: ACT_GATHER_INFO |
| 2018-12-14 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL95343321.nasl - Type: ACT_GATHER_INFO |
| 2018-12-13 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL42027747.nasl - Type: ACT_GATHER_INFO |
| 2018-12-11 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1406.nasl - Type: ACT_GATHER_INFO |
| 2018-12-05 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-2_0-0101.nasl - Type: ACT_GATHER_INFO |
| 2018-11-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3083.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL00363258.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL01067037.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL02043709.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL02714910.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL03165684.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL05112543.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL05263202.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL07550539.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL10930474.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL11718033.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL12044607.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL16248201.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL19361245.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL20134942.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL20222812.nasl - Type: ACT_GATHER_INFO |
