Summary
Detail | |||
---|---|---|---|
Vendor | f5 | First view | 2012-05-24 |
Product | Big-Ip Access Policy Manager | Last view | 2023-10-26 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
8.8 | 2023-10-26 | CVE-2023-46748 | An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands. Â Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
9.8 | 2023-10-26 | CVE-2023-46747 | Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
7.8 | 2023-10-10 | CVE-2023-5450 | An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
4.4 | 2023-10-10 | CVE-2023-45219 | Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
7.5 | 2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
8.7 | 2023-10-10 | CVE-2023-43746 | When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
7.8 | 2023-10-10 | CVE-2023-43611 | The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. This vulnerability is due to an incomplete fix for CVE-2023-38418.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
5.5 | 2023-10-10 | CVE-2023-43485 | When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
7.2 | 2023-10-10 | CVE-2023-42768 | When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST admin resource.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
6.5 | 2023-10-10 | CVE-2023-41964 | The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
9.9 | 2023-10-10 | CVE-2023-41373 | A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated attacker to execute commands on the BIG-IP system. For BIG-IP system running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
7.5 | 2023-10-10 | CVE-2023-41085 | When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
7.5 | 2023-10-10 | CVE-2023-40542 | When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
8.1 | 2023-10-10 | CVE-2023-40537 | An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
7.5 | 2023-10-10 | CVE-2023-40534 | When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
4.4 | 2023-10-10 | CVE-2023-39447 | When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
8.2 | 2023-09-27 | CVE-2023-43125 | BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
7.1 | 2023-09-27 | CVE-2023-43124 | BIG-IP APM clients may send IP traffic outside of the VPN tunnel.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
5.4 | 2023-08-02 | CVE-2023-38423 | A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
4.3 | 2023-08-02 | CVE-2023-38419 | An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
7.8 | 2023-08-02 | CVE-2023-38418 | The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
6.1 | 2023-08-02 | CVE-2023-38138 | A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
5.5 | 2023-08-02 | CVE-2023-36858 | An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an attacker to modify its configured server list.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
6.1 | 2023-08-02 | CVE-2023-3470 | Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. Â The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information required to generate the correct password. Â On vCMP systems, all Guests share the same deterministic password, allowing those with TMSH access on one Guest to access keys of a different Guest. The following BIG-IP hardware platforms are affected: 10350v-F, i5820-DF, i7820-DF, i15820-DF, 5250v-F, 7200v-F, 10200v-F, 6900-F, 8900-F, 11000-F, and 11050-F. The BIG-IP rSeries r5920-DF and r10920-DF are not affected, nor does the issue affect software FIPS implementations or network HSM configurations. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
7.5 | 2023-05-03 | CVE-2023-29163 | When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
14% (53) | CWE-20 | Improper Input Validation |
10% (40) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
9% (36) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
4% (17) | CWE-200 | Information Exposure |
3% (13) | CWE-476 | NULL Pointer Dereference |
2% (11) | CWE-532 | Information Leak Through Log Files |
2% (10) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
2% (10) | CWE-319 | Cleartext Transmission of Sensitive Information |
2% (10) | CWE-269 | Improper Privilege Management |
2% (9) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
2% (8) | CWE-362 | Race Condition |
2% (8) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
1% (7) | CWE-284 | Access Control (Authorization) Issues |
1% (7) | CWE-264 | Permissions, Privileges, and Access Controls |
1% (6) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
1% (6) | CWE-352 | Cross-Site Request Forgery (CSRF) |
1% (6) | CWE-295 | Certificate Issues |
1% (5) | CWE-287 | Improper Authentication |
1% (4) | CWE-772 | Missing Release of Resource after Effective Lifetime |
1% (4) | CWE-770 | Allocation of Resources Without Limits or Throttling |
1% (4) | CWE-754 | Improper Check for Unusual or Exceptional Conditions |
1% (4) | CWE-613 | Insufficient Session Expiration |
1% (4) | CWE-601 | URL Redirection to Untrusted Site ('Open Redirect') |
1% (4) | CWE-427 | Uncontrolled Search Path Element |
1% (4) | CWE-404 | Improper Resource Shutdown or Release |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:21093 | USN-1236-1 -- linux vulnerabilities |
oval:org.mitre.oval:def:20253 | VMware vSphere and vCOps updates to third party libraries |
oval:org.mitre.oval:def:24219 | RHSA-2014:0328: kernel security and bug fix update (Important) |
oval:org.mitre.oval:def:23690 | ELSA-2014:0328: kernel security and bug fix update (Important) |
oval:org.mitre.oval:def:27035 | DEPRECATED: ELSA-2014-0328 -- kernel security and bug fix update (important) |
oval:org.mitre.oval:def:24863 | USN-2196-1 -- linux vulnerability |
oval:org.mitre.oval:def:24838 | USN-2198-1 -- linux vulnerability |
oval:org.mitre.oval:def:24818 | USN-2197-1 -- linux-ec2 vulnerability |
oval:org.mitre.oval:def:24747 | USN-2204-1 -- linux vulnerability |
oval:org.mitre.oval:def:24706 | USN-2201-1 -- linux-lts-saucy vulnerability |
oval:org.mitre.oval:def:24673 | USN-2199-1 -- linux-lts-quantal vulnerability |
oval:org.mitre.oval:def:24668 | USN-2202-1 -- linux vulnerability |
oval:org.mitre.oval:def:24543 | USN-2203-1 -- linux vulnerability |
oval:org.mitre.oval:def:24445 | USN-2200-1 -- linux-lts-raring vulnerability |
oval:org.mitre.oval:def:25258 | RHSA-2014:0678: kernel security update (Important) |
oval:org.mitre.oval:def:25233 | SUSE-SU-2014:0667-1 -- Security update for Linux Kernel |
oval:org.mitre.oval:def:27162 | ELSA-2014-0678 -- kernel security update (important) |
SAINT Exploits
Description | Link |
---|---|
F5 rsync daemon ConfigSync interface cmi module vulnerability | More info here |
F5 BIG-IP iControl REST vulnerability | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
ExploitDB Exploits
id | Description |
---|---|
33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
OpenVAS Exploits
id | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl |
2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64 File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1465-01 File : nvt/gb_RHSA-2011_1465-01_kernel.nasl |
2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
2011-11-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1 File : nvt/gb_ubuntu_USN_1256_1.nasl |
2011-11-11 | Name : Ubuntu Update for linux USN-1253-1 File : nvt/gb_ubuntu_USN_1253_1.nasl |
2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
2011-10-31 | Name : Ubuntu Update for linux USN-1246-1 File : nvt/gb_ubuntu_USN_1246_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1245-1 File : nvt/gb_ubuntu_USN_1245_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux USN-1243-1 File : nvt/gb_ubuntu_USN_1243_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1242-1 File : nvt/gb_ubuntu_USN_1242_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1 File : nvt/gb_ubuntu_USN_1241_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1240-1 File : nvt/gb_ubuntu_USN_1240_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-ec2 USN-1239-1 File : nvt/gb_ubuntu_USN_1239_1.nasl |
2011-10-21 | Name : Ubuntu Update for linux USN-1236-1 File : nvt/gb_ubuntu_USN_1236_1.nasl |
2011-10-21 | Name : RedHat Update for kernel RHSA-2011:1386-01 File : nvt/gb_RHSA-2011_1386-01_kernel.nasl |
2011-10-21 | Name : CentOS Update for kernel CESA-2011:1386 centos5 i386 File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl |
2011-10-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1228-1 File : nvt/gb_ubuntu_USN_1228_1.nasl |
2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0033884 |
2012-A-0148 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0033794 |
2012-A-0136 | Multiple Vulnerabilities in Juniper Network Management Products Severity: Category I - VMSKEY: V0033662 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-08-11 | F5 BIG-IP Traffic Management User Interface remote code execution attempt RuleID : 54484 - Type : SERVER-WEBAPP - Revision : 2 |
2020-08-06 | F5 BIG-IP Traffic Management User Interface remote code execution attempt RuleID : 54462 - Type : SERVER-WEBAPP - Revision : 3 |
2020-07-07 | lodash defaultsDeep prototype pollution attempt RuleID : 54184 - Type : SERVER-OTHER - Revision : 1 |
2017-02-10 | F5 BIG-IP TLS session ticket implementation uninitialized memory disclosure a... RuleID : 41548 - Type : SERVER-OTHER - Revision : 3 |
2014-01-10 | Destination Unreachable Fragmentation Needed and DF bit was set RuleID : 396-community - Type : PROTOCOL-ICMP - Revision : 12 |
2014-01-10 | Destination Unreachable Fragmentation Needed and DF bit was set RuleID : 396 - Type : PROTOCOL-ICMP - Revision : 12 |
2016-03-14 | glibc getaddrinfo AAAA record stack buffer overflow attempt RuleID : 37731-community - Type : PROTOCOL-DNS - Revision : 5 |
2016-03-22 | glibc getaddrinfo AAAA record stack buffer overflow attempt RuleID : 37731 - Type : PROTOCOL-DNS - Revision : 5 |
2016-03-14 | glibc getaddrinfo A record stack buffer overflow attempt RuleID : 37730-community - Type : PROTOCOL-DNS - Revision : 5 |
2016-03-22 | glibc getaddrinfo A record stack buffer overflow attempt RuleID : 37730 - Type : PROTOCOL-DNS - Revision : 5 |
2016-03-15 | Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt RuleID : 37654 - Type : OS-LINUX - Revision : 2 |
2016-03-14 | Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt RuleID : 37408 - Type : OS-LINUX - Revision : 2 |
2016-03-14 | F5 BIG-IP iControl API arbitrary command execution attempt RuleID : 36778 - Type : SERVER-WEBAPP - Revision : 2 |
2015-01-13 | TLSv1.2 POODLE CBC padding brute force attempt RuleID : 32760 - Type : SERVER-OTHER - Revision : 4 |
2015-01-13 | TLSv1.1 POODLE CBC padding brute force attempt RuleID : 32759 - Type : SERVER-OTHER - Revision : 4 |
2015-01-13 | TLSv1.0 POODLE CBC padding brute force attempt RuleID : 32758 - Type : SERVER-OTHER - Revision : 4 |
2015-01-13 | TLSv1.2 POODLE CBC padding brute force attempt RuleID : 32757 - Type : SERVER-OTHER - Revision : 4 |
2015-01-13 | TLSv1.1 POODLE CBC padding brute force attempt RuleID : 32756 - Type : SERVER-OTHER - Revision : 4 |
2015-01-13 | TLSv1.0 POODLE CBC padding brute force attempt RuleID : 32755 - Type : SERVER-OTHER - Revision : 4 |
2014-06-26 | F5 BIG-IP remote command injection attempt RuleID : 31069 - Type : SERVER-OTHER - Revision : 4 |
2014-06-26 | F5 BIG-IP iControl API hostname command injection attempt RuleID : 31068 - Type : SERVER-OTHER - Revision : 6 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-11 | Name: The remote Virtuozzo host is missing multiple security updates. File: Virtuozzo_VZA-2018-075.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-50075276e8.nasl - Type: ACT_GATHER_INFO |
2018-12-28 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL27617652.nasl - Type: ACT_GATHER_INFO |
2018-12-21 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL23328310.nasl - Type: ACT_GATHER_INFO |
2018-12-21 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL61620494.nasl - Type: ACT_GATHER_INFO |
2018-12-14 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL95343321.nasl - Type: ACT_GATHER_INFO |
2018-12-13 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL42027747.nasl - Type: ACT_GATHER_INFO |
2018-12-11 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1406.nasl - Type: ACT_GATHER_INFO |
2018-12-05 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-2_0-0101.nasl - Type: ACT_GATHER_INFO |
2018-11-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3083.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL00363258.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL01067037.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL02043709.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL02714910.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL03165684.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL05018525.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL05112543.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL05263202.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL07369970.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL07550539.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL10930474.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL11718033.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL12044607.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL16248201.nasl - Type: ACT_GATHER_INFO |