f5 f5os-c vulnerabilities and exploits

(subscribe to this query)

8.8

CVSSv3

In F5OS-A version 1.x prior to 1.1.0 and F5OS-C version 1.x prior to 1.5.0, excessive file permissions in F5OS allows an authenticated local malicious user to execute limited set of commands in a container and impact the F5OS controller.

F5 F5os-a F5 F5os-c

7.8

CVSSv3

On F5OS-A beginning in version 1.2.0 to prior to 1.3.0 and F5OS-C beginning in version 1.3.0 to prior to 1.5.0, processing F5OS tenant file names may allow for command injection. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

F5 F5os-c F5 F5os-a

5.5

CVSSv3

In F5OS-A version 1.x prior to 1.1.0 and F5OS-C version 1.x prior to 1.4.0, a directory traversal vulnerability exists in an undisclosed location of the F5OS CLI that allows an malicious user to read arbitrary files.

F5 F5os-c F5 F5os-a

7.5

CVSSv3

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs ver...

3 Github repositories

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook